June 17, 2015
Passwords, MPE, and Security Flaws
Editor's note: in the past 24 hours the world has faced another breach of the LastPass security database, putting hundreds of thousands of passwords at risk. LastPass assures all of its users their passwords are secure after the breach — but change your master password anyway, they add. This makes it a good time to revisit security practices as they relate to the HP 3000 (thanks to Vesoft's Eugene Volokh) as well as our resident security expert Steve Hardwick. Sound advice stays fresh.
More than 30 years ago, VEsoft's Eugene Volokh chronicled the fundamentals of security for 3000 owners trying to protect passwords and user IDs. Much of that access hasn't changed at all, and the 3000's security by obscurity has helped it evade things like Denial of Service attacks, routinely reported and then plugged for today's Unix-based systems. Consider these 3000 fundamentals from Eugene's Burn Before Reading, hosted on the Adager website.
Logon security is probably the most important component of your security fence. This is because many of the subsequent security devices (e.g. file security) use information that is established at logon time, such as user ID and account name. Thus, we must not only forbid unauthorized users from logging on, but must also ensure that even an authorized user can only log on to his user ID.
If one and only one user is allowed to use a particular use ID, he may be asked to enter some personal information (his mother's maiden name?) when he is initially added to the system, and then be asked that question (or one of a number of such personal questions) every time he logs on. This general method of determining a user's authorizations by what he knows we will call "knowledge security."
Unfortunately, the knowledge security approach, although one of the best available, has one major flaw -- unlike fingerprints, information is easily transferred, be it revealed voluntarily or involuntarily; thus, someone who is not authorized to use a particular user id may nonetheless find out the user's password. You may say: "Well, we change the passwords every month, so that's not a problem." The very fact that you have to change the passwords every month means that they tend to get out through the grapevine! A good security system does not need to be redone every month, especially since that would mean that -- at least toward the end of the month -- the system is already rather shaky and subject to penetration.
There's a broader range of techniques to store passwords securely, especially important for the 3000 owner who's moving to more popular, less secured IT like cloud computing. We've asked a security pro who manages the pre-payment systems at Oxygen Financial to share these practices for that woolier world out there beyond MPE and the 3000.
By Steve Hardwick, CISSP
There has been a lot in the news recently about password theft and hacking into email accounts. Everything needs a password to access it. One of the side effects of the cloud is the need to be able to separate information from the various users that access a centrally located service. In the case where I have data on my PC, I can create one single password that controls access to all of the apps that reside on the drive plus all of the associated data.There is a one-to-one physical relationship between the owner and the physical machine that hosts the information. This allows a simpler mechanism to validate the user. In the cloud world it is not as easy. There is no longer a physical relationship with the user. In fact a user may be accessing several different physical locations when running applications or accessing information. This has led to a dramatic increase in the number of passwords and authentication methods that are in use.
I just did a count of my usernames and passwords and I have 37 different accounts (most with unique usernames and password). Plus there are several sites where I use the same usernames and password combinations. You may ask why are some unique and why are some shared. The answer is based on the risk of a username or password be compromised. If I consider an account to have a high value, high degree of loss/impact if hacked, then it gets a unique username or password.
Email accounts are a good example. I have a unique username and password for my five email accounts. However, I do have one email account that is reserved solely for providing a username for other types of access. When I go to a site that requires an email address to set up an account , that is the one I use. Plus, I am not always selecting a unique password. The assumption is that if that username and password is stolen, then the other places it can be used are only other web site access accounts of low value. I also have a second email account that I use to set up more sensitive assess, google drive for example. This allows me to limit the damage if one of the accounts is compromised, and so I don't end up with a daisy chain of hacked accounts.
So the next question is how do you go about generating a bunch of passwords? One easy way is to go into your favorite search engine and type in password generator. You will get a fairly good list of applications that you can use to generate medium to strong passwords. But what if you don't want to download an application -- what is another way?
When I used to teach security this was one trick I would share with my students. Write a list of four or five short words that are easy to remember. Since my first name is Steve we can use that. This of four or five short number 4-5 digits in length 1999 for example. Now pick a word and number combination and intersperse the numbers and letters S1t9e9v9e would be the result of Steve and 1999. Longer words and longer numbers make strong passwords – phone numbers and last names works well. With 5 words and 5 numbers you get 25 passwords. One nice benefit of this approach comes when you need to change your password. Write the number backwards and merge the word and data back together.
Once you have created good passwords, your next challenge is how to remember them all. Some of the passwords I use I tend to remember due to repetitive use. The password for logging into my system is one I tend to remember, even through it is 11 characters long. But many of my passwords I use infrequently -- my router for example, and many have the “remember me” function when I log on.
What happens when I want to recall one of these? Well the first thing is not to write them down unless you absolutely have to. You would be amazed how many times I have seen someone password taped on the underside of their laptop. A better option is to store them on your machine. How do you do that securely?Well, there are several ways.
One easy way is to use a password vault or password manager. This creates a single encrypted file that you can access with a single username and password. Username and password combinations can then be entered into the password vault application together with their corresponding account. The big advantage is that it is now easy to access the access data with one username and password.
The one flaw: what happens if the drive crashes that contains the vault application and data? If you wanted to get started with a password vault application, InfoWorld offered a good article that compares some leading products.
Another option is to roll your own vault services. Create a text file and enter all of your account / username / password combinations. Once you are done, obtain some encryption technology. There are open source products -- truecrypt is the leader -- or you can use the encryption built into your OS. The advantage of using open source is that it runs on multiple operating systems. Encrypt the text file by using your software. Take caution to not use the default file name the application gives you, as it will be based on your text file name.
Once you have created your encrypted file from the text file, open the text file again. Select all the text in the file and delete it. Then copy a large block of text into the file and save it (more then you had with the passwords). Then delete the file. This will make sure that the text file cannot easily be recovered. If you know how to securely delete the file do that instead. Now you can remotely store the encrypted password file in a remote location, cloud storage, another computer, USB drive etc. You will then have a copy of your password file you can recover should you lose access to the one on your main machine.
Now, if you do not want to use encryption, let's look at why not. Well, most programs use specific file extensions for their encrypted file. When auditing, the first thing I would look for is files with encryption extensions. I would then look for any files that were similar in size or name to see if I could discover the source. This includes looking through the deleted file history.
The other option is steganography, or stego for short. The simple definition is the ability to bury information into other data – for example, pictures. Rather than give a detailed description of the technology here, take a look at the Wikipedia page. There is also a page with some stego tools on it . For a long time my work laptop had a screen saver that contained all my passwords. I am thinking of putting a picture up on Facebook next.
Here are a few simple rules on handling multiple passwords
1. Try and use uniques usernames and password for sensitive account. You can use the same username password combination for low sensitive accounts.
2. Run through an exercise and ask yourself, what happens if this account is hacked. So don't use the same username and password for everything.
3. Do not write down your passwords to store them.
4. Make sure you have a secure backup copy of your passwords; use encryption or steganography.
If you want to do some extra credit reading on passwords, there are two good references out there and they are free. The National Institute of Standards and Technologies has a library on security topics that is used by the federal government., a good publication on passwords.
The SP 800-118 DRAFT Guide to Enterprise Password Management focuses on topics such as defining password policy requirements and selecting centralized and local password management solutions.
Steve Hardwick is the Product Manager at Oxygen Financial, which offers advanced payment management solutions. He has over 20 years of worldwide technology experience. He was also a CISSP instructor with Global Knowledge for three years and held security positions at several companies.
Get e-mail notice when the NewsWire blog gets a new entry. Just say "Blog Me" in a message to email@example.com.
June 08, 2015
In 20th year, NewsWire digital turns 10 today
A decade ago today, this blog received its first post. On June 8 of 2005, a death in the 3000's family was in the news. Bruce Toback, creator of several 3000 software products and a man whose intellect was as sharp as his wit, died as suddenly as HP's futures for the HP 3000 did. I wrote a brief tribute, because Toback's writing on the 3000-L made him a popular source of information. His posts signed off with Edna St. Vincent Millay's poem about a candle with both ends alight, which made it burn so bright.
I always thought of Bruce as having bright ends of technical prowess along with a smart cynicism that couldn't help but spark a chuckle. His programming lies at the heart of Formation, a ROC Software product which Bruce created for Tymlabs, an extraordinary HP software company here in Austin during 1980s and early 90s. Toback could demonstrate a sharp wit as well as trenchant insight. From one of his messages in 2004:
HP engineer [about a Webcast to encourage migration]: During the program, we will discuss the value and benefits of Transitioning from the HP e3000 platform to Microsoft's .NET.
Bruce: Oh... a very short program, then.
In the same way Toback's candle burned at both ends, I think of this blog as the second light we fired up, a decade after the fire of the NewsWire's launch. Up to this year we burned them both. Now the blog, with its more than 2,600 articles and almost 400,000 pageviews, holds up the light for those who remain, and lights the way for those who are going. This entry is a thank-you for a decade of the opportunity to blog about the present, the future, and the past.
We always knew we had to do more than give the community a place to connect and read what they believed. We're supposed to carry forward what they know. The NewsWire in all of its forms, printed and digital, is celebrating its 20th year here in 2015. A decade ago our June 2005 blogging included a revival of news that's 20 years old by now. It's news that's still can still have an impact on running a 3000 today.In the blog's first month of 2005, I wrote
"HP 3000 enhancements can travel like distant starlight: They sometimes take years to show up on customer systems. A good example is jumbo datasets for the 3000's database. Jumbos, the 3000's best tool for supporting datasets bigger than 4GB, first surfaced out of HP's labs in 1995, just when the NewsWire was emerging. We put our news online in the months before we'd committed to print, and our report of September 1 had this to say."
HP will make the enhancement available as part of its patch system, bypassing the delay of waiting for another full release of MPE/iX. But there are already discussions from the HP 3000 community that a more thorough change will be needed before long — because 40-gigabyte datasets someday might not be large enough, either.
"Why care about 20- or 10-year-old news? Because the 3000 has such a long lifespan where it's permitted to keep serving. In the conservative timeline of 3000 management, jumbos were the distant starlight, only becoming commonplace on 3000s a decade later. Jumbos are finally going to get eclipsed by LargeFile datasets. HP's engineers say their alpha testing to fix a critical bug in LFDS is going well."
"Like the jumbos before them, LFDS are also going to get a slow embrace. How slowly did jumbos go into production systems? Five years after jumbos first emerged, John Burke wrote in our net.digest column "it is hard to tell about the penetration of jumbo datasets in the user community beyond users of the Amisys application." His column also offered some tips on using jumbos, even while database experts in the community continued to lobby for a way to build larger files."
That reporting in 2005 marked the first time in a decade that 3000 customers could build a dataset as big as they needed. Up until then, LFDS had not been recommended for 3000 customers except in experimental implementations.
The nature of the 3000 community's starlight made a 10-year-old enhancement like jumbos current and vital. Alfredo Rego of Adager once said that his database software was designed like a satellite, something that might be traveling for decades or more and need the reliability of spacecraft to go beyond the reach of support transmissions. HP's signal for 3000s has died by now. We hope to repeat signals, as well as report, for more than another decade, onto the cusp of MPE's calendar reset of 2027. Thanks for receiving these transmissions.
May 20, 2015
Discovering HP's Futures
In a couple of weeks HP computer users will gather for an annual conference in North America. For the past five years, the meeting has been called HP Discover. This year's event is promising to show off visions of the future. Pictures of stalwart enterprise community members will be harder to find.
Among the HP technologies developed as computing environments, only HP's Unix will have a Special Interest Group Forum at the June 2-4 conference. Searching the sessions database for the letters VMS -- pretty special to the Digital customers that HP preferred to serve futures to versus 3000 sites -- yields no hits. If VMS is being discussed at HP Discover, it's likely to be just a topic on the floor.
Stromasys will be on that floor, talking about several platforms whose HP futures have already or will soon enough expire. Charon HPA, emulating the HP 3000 hardware, as well as virtualization products for the Digital systems and even Sun's Solaris computers will be demonstrated. Sarah Smith of Stromasys says it's a regular stop in the company's itinerary.
"At the booth we'll be doing demos of Charon," she said. "We've been going for years. VAX, Alpha, and PDP were all DEC products, so we talk about all of them at Discover."
Meanwhile, HP will be talking about many commodity solutions along with The Machine, its project to deliver six times more power than current computer systems on 1.25 percent of the energy. Its big idea is universal memory, driven by the elusive memristor HP first began discussing in 2008. Universal memory is as inexpensive as DRAM, as speedy as static RAM, as non-volatile as flash memory, and infinitely durable. The Machine is an HP Labs project reputed to have requisitioned 75 percent of the Labs' resources. Its delivery date is far enough out in the future that hearing about its potential is still just about all anybody expects this year, or next.The HP North American shows were once all about users, and then after awhile, all about the products the vendor had delivered and were in use in the field. The HP 3000 slipped out of the session list at HP Discover around 2010, and now the VMS platform hasn't qualified for as much time as The Machine. The conference does gather a nice sheaf of customers to go along with a thicket of HP staff. Even before the show was renamed from the HP Tech Forum, it had tilted toward sales-to-customer events with more than a few NDAs to keep out the riff-raff.
HP Innovation Brought to Life in Film will tell attendees they can "Get a glimpse into some of the revolutionary technologies HP is tackling that address the most complex challenges and opportunities for our customers and our society in the next decade and beyond." There's not much point in setting out session times for an hour on something like improving performance of an HP-specific database, because by now such a thing has dropped off HP's discovery map. That's 20th Century computing, anyway.
But despite the habit of eschewing topics like VMS, MPE, and other HP legacy creations, the company hasn't lost its taste for invention altogether. A panel of HP Labs researchers will offer "a closer look at what it takes to make The Machine change everything we know about computing. This radical new approach will fuse memory and storage, flatten data hierarchies, bring processing closer to data, embed security throughout the hardware and software stacks and enable management of the system at scale."
There was a time when HP's chalk talk about such a product would only have emerged when the product shipped, or at least was priced. When the first HP 3000 Spectrum systems -- the PA-RISC emulated by Charon -- slipped into release, the HP Journal ran tech articles on how they were breaking ground. Aiming at a high bar like "changing everything we know about computing" sounds a lot like a concept film of the 1980s or 1990s HP. Great fun, but perhaps not as immediately useful as the networking within a SIG Forum. At least HP-UX still has that much to count upon in two weeks' time.
May 18, 2015
Portfolios That Make a Path to the Future
Wednesday afternoon (2 PM Eastern time, US) MB Foster is educating IT managers on the business case for using Application Portfolio Management. (Register here for the free event.) APM has gained a lot of traction in boardrooms and the places where analyst reports score points.
Gartner's researchers report that "Application portfolio management is critical to understanding and managing the 40-80 percent of IT budgets devoted to maintaining and enhancing software." HP 3000 managers, and especially those who are on the move to a new computing path, understand how much of their work has always gone into extending and repairing apps that make a difference.
Foster's team says that APM "changes the way you manage IT assets. Without proper visibility, IT executives can never be sure that they are investing appropriately by acquiring enhancing or retiring, the right application at the right time. Without visibility, APM is simply impossible without an ongoing view of IT investments."
In this Wednesday's webinar, Birket Foster will highlight the business case for APM, and outline "where you should start, mapping your portfolio, building a score card, examining business and technical fit, understanding benefit and risks and other subject related content." Foster's been talking about APM for more than 10 years, just about the whole time 3000 migrations have been in play.
APM can begin by delivering a means to increase the visibility of HP 3000 apps. And if that MPE visibility leads to a more energized transition plan — because now the executive management sees how vital the MPE/iX application is to meeting company goals — that's a good thing as well.Retiring out with the HP 3000 has been an option for some managers. But for many others, outlasting the server is becoming a genuine challenge. Leaving a legacy as an IT pro, instead of just the 3000 expert, is a way to revitalize a career.
You have to know how to treat applications as assets, to frame software as if it's as essential as cash on hand for a company. APM doesn't get cited much by the 3000 manager who's worked as a technologist to deliver value to a company. This is the business side of business computing. Learning more about that side gives a manager a greater skill set. Best of all, these practices make it easier to justify IT acquisition and expansion and yes, even a migration with its profound expenses.
Foster says that IT organizations and technology leaders are missing out on an opportunity to reduce IT costs, optimize applications, and deliver value back to the business. "With a bottom-up analysis for top-down decisions, IT departments move from an unclear inventory of applications with limited understanding of each, to a defined inventory with actionable information on the business value and technical condition of each application."
IT wants executive management to understand the condition of applications, built, bought, or accumulated through M&A, as well as how the apps affect and grow the business, and how they affect the bottom line and future budgets. APM can show what skills are required to manage and maintain the portfolio, and where succession planning plays a role.
May 13, 2015
Deciding Which Cloud Cabin To Ride
Trends in IT management are pushing server management into co-located and cloud-based service providers. If a path toward migration seems to lead toward services rather than servers, there are some developments to note while choosing a place to relocate the apps on critical servers.
Amazon is the leader in the cloud computing space with its AWS business. But just until recently, the world didn't know specifics of how well AWS was earning. It turns out that cloud services are one of the few Amazon products making a generous profit. And the existence of profits goes a long way toward protecting the future of any product or service. The 3000 is supposed to have crossed over from profitable to not so during the period after Y2K.
Once the system's projected revenue line dipped below the projected expense line, at that point you could say even those inside HP considered MPE servers a dead product. It didn't happen until after that Year 2000 bubble, though. The HP 3000 owner, having experienced this, will be wary of any single point of solution failure.
AWS is well above such a line. Other companies, such as HP, are not breaking out their cloud business results. But HP is making a point of promoting its latest HP Discover conference around the cloud concept. You can even ride in a cloud, the vendor promises, next month in Vegas.AWS owned more than 25 percent of the cloud infrastructure revenues during 2014, according to the Synergy Research Group. It's such a dominant share that the closest competitor, Microsoft, has only 10 percent, and IBM has 7. Rackspace, a preferred solution for the Charon virtual 3000 solution, comes in at 3 percent. HP's at under 1 percent, one of a host of companies who make up almost half of what's left over.
How big is cloud at AWS? Amazon said it had revenue of $1.57 billion during the first three months of the year. The company said its operating income from AWS was $265 million. Nothing that HP builds returns that kind of profit, except ink and paper.
But at the Discover show in Las Vegas, attendees can win "a VIP ride in the cloud on the High Roller with Connect and Ingram Micro on June 2, 2015. Join us as we journey 550 feet into the cloud over the beautiful Las Vegas landscape while networking and enjoying the ride."
Amazon is going to sell more than $5 billion in cloud services this year, by the company's reports. HP's still calling cloud computing "the new style of IT," and the strategy is pretty new to the IT director who's been managing local and networked servers for several decades. The Hewlett-Packard view from the clouds will include a Special Interest Group meeting for cloud computing during the June 2-4 show.
Hewlett-Packard has announced that it will spend $1 billion by the end of next year to help its customers build private cloud computing. Private clouds will need security, and they'll begin to behave more like the HP 3000 world everybody knows: management of internal resources. The difference will reside in a standard open source stack, OpenStack. It's not aimed at midsize or smaller firms. But aiding OpenStack might help open some minds about why clouds can be simple to build, as well as feature-rich.
May 04, 2015
Candidate Carly looms like 3000 migrations
3000 community pundits and veterans will say Hewlett-Packard's pushing the server off its price lists was inevitable. Today that migration slog seems to hold the same charms as the just-announced candidacy of the HP CEO during that era: Carly Fiorina.
Announcing her run for the presidency will assure Fiorina of much attention, from the requisite Secret Service detail to a raft of coverage about being a female candidate running against another inevitability, Hillary Clinton. The attention will continue to mount upon her term at the HP helm, though, a period that even her fellow Republicans struggle to present as a success.
The similarities between government politics and tech business politics are now in the spotlight, though. Computerworld was writing a story about the intersection today.
Regarding the US presidency, citizens and voters can't go back for more Barack Obama. The 3000 owners couldn't go back for more servers after HP stopped making the computers in 2003, either. Everybody must move on from our current president, just like Fiorina's HP forced the 3000 owners to move away. So very many have moved. But so very few are using any HP product to replace their 3000 operations.
Showing off the hubris that would be echoed in her other attempts, first business and then political, Fiorina's HP alleged in 2002 that more than 4 of 5 customers would be off MPE within four years. Counting the unfinished or un-funded migration projects, close to 4 in 5 customers remained on MPE and the 3000 when that four-year-deadline rolled past. It was more complicated to curtail 3000 computing, just like it'll be complicated for Fiorina to paint her 5-plus HP years as a success.
But that doesn't mean she won't try. However, as the San Jose Mercury News wrote in an editorial, “She takes the Silicon Valley motto that it’s ‘OK to fail’ a tad too literally.” The paper's calling for more women in politics – except Carly Fiorina. The 3000 community only seems to embrace Fiorina's latest political jitney romp as an alternative in the last resort to a Hillary Clinton presidency.
"Killing the HP 3000 was a small pittance compared to the disaster she did to HP," said EchoTech's Craig Lalley today. "No, I would not vote for Carly. But then again, if the two final candidates are Carly and Hillary..."Fiorina has inspired vitriol that remains vivid a decade after she left HP. It's hate for unneeded change coming from her detractors among HP customers. "I'd hate to think of her doing to the country what she did to HP," said Ted Johnson on the 3000 newsgroup this afternoon.
Johnson was one of many around the country today who pointed to a carlyfiorina.org web page that was filled with frowning emoticons. 30,000 of them, the number that Michael Link, assistant director of digital strategy at the Service Employees International Union, says Fiorina laid off at HP. Link adds that Fiorina said she'd only change one thing about those layoffs today: "I would've done them all faster."
A story in the Guardian said the oversight of grabbing such an obvious domain could hurt Fiorina's fundraising.
A campaign team that fails to purchase all permutations of its candidate’s name as even a potential redirected domain is not likely to have repercussions with voters directly, said Peter Shankman, a marketing expert and author of the book Zombie Loyalists. But it might be a more serious problem for backers trying to decide which horse to bankroll in the upcoming election.
“The people who are donating money will look at that as a clear warning sign,” he said. “It’s like spelling something wrong on a cover letter or a resume.”
3000 reseller John Lee said, "If I recall correctly, she didn't kill the 3000, one of her predecessors did. She could have revived it though. Instead, she bought Lear Jets and Compaq. And then tried to follow IBM and Perot Systems by forming a Services group?"
The jets were a sore thumb of a reality, but killing off the 3000 did happen on Fiorina's watch. She joined the company in the summer of 1999, when the vendor was still on the cusp of carrying the 3000 across the Y2K chasm. No killing of 3000s was done deliberately in a period when every customer was shouldering a bigger IT budget, and dot-coms were elevating customer count.
Fiorina claims that HP was a laggard in the computer industry when she arrived, but the company has the ninth-oldest web domain in the world. Where the company lagged was in low-profit computer sales. The Compaq buy-up took care of that lag, even while it drove off those tens of thousands of employees.
Amid the reports on the reality of Fiorina's tenure — a time when HP nearly doubled its revenue but saw its profits drop by one-third, a time when she was sued by both the board of directors as well as the son of HP founder Bill Hewlett — there's some gallows humor afoot, too. HP was big on ending the 3000 while she served, after all.
"I'm ready to know this," said one 3000 manager who didn't want his name used. "When does Carly announce the End of Life for her bid?"
April 22, 2015
Essential Skills: Avoiding A King's Ransom
Editor's Note: HP 3000 managers do many jobs, work that often extends outside the MPE realm. In Essential Skills, we cover the non-3000 skillset for multi-talented MPE pros.
In a recent message on a 3000 developer mailing list, one MPE expert warned of the most common malware attack of 2015: Ransomware. "This is probably the most likely thing to happen to your computer if you click on the wrong thing today," Gavin Scott reports.
It's a nearly perfect criminal scheme.You get the malware on your system and it encrypts all files of value with a randomly generated key, and directs you to send $300 in bitcoin to them in order to get the encryption key to get your files back. It will encrypt every drive it can get access to, so a lot of people get their backups infected in the process of trying to recover. If you pay the $300, then by all reports they do give you the key, you get all your files back, and they don't bother you again. They even direct you to bitcoin ATM companies who reportedly spend much of their time these days providing technical support — to help Grandma operate the bitcoin system to pay her computer ransom.
To explain the fate of having to toss out computers in the IT shop which cannot be ransomed, we call on our security expert Steve Hardwick for some insights.
By Steve Hardwick, CISSP
In a previous article I looked at a Man in the Middle attack using SuperFish. That malware effectively bypassed the encryption built into HTTPS and so allowed Lenovo to inspect secure web traffic. There's another type of encryption hack that's becoming a serious threat: Ransomware.
In standard symmetric encryption, a key — a password — is used to scramble the information to render it undecipherable. The same key is then used to allow a valid user to convert that data back into the original data. Encryption systems ensure that anyone without a key will be unable to reconstitute the original data from encrypted data. Another key component (forgive the pun) is the password used to generate the encrypted data. If a valid user is not able to access the key, then they no longer have access to the data.
In many situations as a security professional, I've been asked how to recover encrypted data after the encryption key has been lost. Despite what TV shows depict, this is not as easy as it looks. Typical recovery of encrypted data is time consuming and costly. The first thing any security professional will say when an encryption key is lost is, "Just recover your data from your backup." But today there's a type of virus out there that uses this weakness, and can compromise backups, too.Ransomware takes data on a machine and encrypts the information, including every data file. The catch to this encyption is that the key is not provided to the user. Typically a message appears telling the user how to get a copy of the decryption key, obviously involving payment. The user is now left with a machine where the data is not accessible unless the encryption key can be obtained. The machine is commonly called a brick. The question now becomes, is there any way to retrieve the data without becoming a victim of extortion?
The actions that can be performed after this attack are very limited. Cracking the encryption itself is going to be difficult at best. Perhaps the one method that can be used is to hope that the virus has been reverse-engineered, so the decryption key is found. There's one common ransomware virus, CryptoLocker, whose code has been cracked and a solution posted for victims to use for free. But you may not be so fortunate. As the time honored saying goes “The best form of defense is a good offense.” Putting provisions in place before the attack is the best way to prevent this extortion.
Here is a list of these measures:
1) Make sure the machine is backed up regularly. It is a good idea to make sure that the backup you are using cannot be compromised by the same virus. For example, some viruses are able to infect the backup as well as the source. That means storing a recent backup offline.
Ed: It's also important that your backup solution does versioning. You don't want to write over a good backup with a bunch of encrypted garbage.
2) Keep your operating system and application software up-to-date with the latest patches.
3) Do not follow unsolicited web links in email
4) Keep your anti-virus software up to date
5) Try to get Windows users not to run with Administrative privileges, which are more prone to attack.
By using these methods, not only will you be less susceptible to ransomware, you will also be less vulnerable to other problems such as other viruses, hard drive failure and loss of your machine.
April 10, 2015
Putting ERP Securely On Your Wrist
HP 3000 ERP solutions are hosted natively on servers, and some of them can be accessed and managed over Apple's mobile tablets. But the Apple Watch that's due in two weeks will bring a new and personal interface for enterprise servers. Indeed, a well-known alternative and migration target for MANMAN and other MPE apps is climbing aboard the Apple Watch bandwagon from the very first tick.
Salesforce has a Watch app coming out on launch day that ties into a business installation of the storied application. Incredible Insights Just At A Glance, the promo copy promises.
Access the most relevant, timely data in seconds. Swipe to see dashboards, explore with lenses or use Handoff to work seamlessly between Apple Watch and iPhone. And use Voice Search to surface a report, view a dashboard, or find other vital information in seconds.
As mobile computing takes a new step with the Watch -- a device that Apple's careful not to call a smartwatch, as it's more of an interface for a smartphone -- security remains a concern. Apple has been addressing it by recognizing the Four Pillars of Mobile Security. A little review can be helpful for any IT pro who's got mobile devices coming into their user base. That's the essence of BYOD: Bring Your Own Device.According to enterprise Mac management software vendor JAMF, securing a mobile system, whether it's a tablet like the TTerm Pro-enabled iPad, a smartphone or a laptop, "requires careful attention to four key areas."
- Data at rest — Securing data on a device
- Data in transit — Securing data as it moves over a network connection to the device
- Application security — Installing trustworthy software from a safe source
- Patching — Keeping software up to date to avoid vulnerabilities
To implement good security reliably throughout an organization, three additional capabilities are crucial:
- Device management — Deployment, application distribution, security policy enforcement
- Reporting — Inventory of all devices and their configuration
- Auditing & remediating — Audit for compliance to security standards and tools to remediate as needed
JAMF sells its Casper Suite as a tool to manage enterprise-grade Apple platform installations. There's bound to be something just as thorough for the Windows-based user community. It's one more thing to ensure is a part of a migration plan, as the 3000's ERP data moves into a fresh generation.
For reference, to help research the caliber of such a Windows-based strategy, here's the breakdown that JAMF provides in a white paper about securing mobile data as well as Apple does.
1. Data at rest — The iPhone and iPad features hardware-based encryption for data at rest that is enabled by default. For Mac, the FileVault whole disk encryption system (a native feature in OS X) protects data with virtually no impact to system performance or battery life.
2. Data in transit — Apple devices can connect via VPN (Virtual Private Network) to secure data in transit. No additional software is required to take advantage of this security feature, and once configured it is transparent to the user.
3. Application security — One of Apple’s best contributions to the IT security field is their App Store ecosystem. Apple reviews all software submitted to the App Store to weed out malware. Each software package is cryptographically signed to prevent any tampering with the files. OS X and iOS are configured to reject any software that lacks a signature. IT staff can sign their own software packages to take advantage of this application security layer.
4. Patching — Since the dawn of computing, all software includes some number of defects or bugs. Some of these defects can be used by malicious attackers to gain access or steal information. The best practice for IT security is to keep all software up to date to eliminate vulnerabilities as they’re discovered. Apple makes this easy with native software patching utilities built-in to the OS. IT staff can host an Apple Software Update Server on the corporate network to speed up patching.
There's a bit of "every problem seen as a nail" with Apple's tools acting as a hammer here. But closed ecosystems have been essential to 3000-grade reliability for decades. Apple controls every aspect of the ecosystem as much as HP did with the 3000, making hardware as well as operating systems. A turnkey solution usually saves time and resources.
April 08, 2015
Essential Skills: Man In The Middle Attacks
Editor's Note: HP 3000 managers do many jobs, work that often extends outside the MPE realm. In Essential Skills, we cover the non-3000 skillset for such multi-talented MPE experts.
By Steve Hardwick, CISSP
Lenovo recently made news in the security industry, and it was not good news. The PC manufacturer was shipping a copy of the Superfish malware with its machines. The software executes a threat known as “man in the middle.” Once it was discovered, companies were advised to remove it, yes. But what is a man in the middle attack, and why is it so dangerous?
Superfish compromises the HTTPS security protocol. It will intercept HTTPS requests made by a browser. It then uses a program to connect to the target website. At the same time it sends its own public key to the browser, and has it trust it. Instead of data coming back from the website to the browser, it now comes to the Superfish program.
Normally, encryption is viewed as using a password or phrase to generate a key. The key is then used to encrypt a set of data in clear text. The resulting cyphertext is then sent to the recipient, who must have the original key to decode it. This is commonly referred to as symmetric encryption: used just for a session, the same key both encrypts and decrypts the data.
The Superfish malware extracts a symmetric key from the website and passes it on. The browser thinks it has a secure connection to the website, when in fact Superfish is now listening to all of the communication from the PC to and from the website. Superfish was originally used to intercept Web traffic and surreptitiously record where the PC's user went on the Web. In addition, it opens up very nasty holes for hackers to use.What's at stake? Superfish is recording traffic that can include a lot of private information: Social Security numbers, banking details, credit card numbers, or health information. All a hacker has to do is to break into Superfish and take a copy of the data that it stores back to their location. There it can be reviewed and the personal data extracted.
Second, since the Superfish application is the one validating the digital certificates, false certificates can be installed. This allows a hacker to install a false certificate for a banking site. The user would connect to their back, and instead the hacker would use Superfish to connect to their site. The user would feel safe that the HTTPS connection had been made and all of the data was secure. However, the hacker is now collecting all this private information.
This was a bad security hole. Users were initially unaware of the application that was loaded by this PC manufacturer. There are now many sources of instructions on how to remove this piece of malware. How could this have been avoided in the first place? First of all, it is worth checking the installed program list of any new machine. Work through the list of programs and then use a browser to look up ones that do not look like standard applications. Superfish came up as VisualDiscovery for example.
Sometimes programs like this get loaded when other programs are loaded or upgraded. Browser search bars can get in that way. The only certain way to remove Superfish is to completely wipe the hard drive, and then reload the operating system from scratch, only putting in the programs you want. In many corporations, machines are rebuilt like this using an image of a hard drive that was previously configured safely.
But what is a man in the middle attack, and why is it so dangerous? It helps to know how computers encrypt data.
How encryption works
We begin with understanding how computers identify their partners. One of the major challenges of symmetric encryption is how to deliver the symmetric key safely to the recipient.
To overcome this challenge, Whitfield Diffie and Martin Hellman devised a method of exchanging keys called asymmetric encryption. In this approach, one key is used to encrypt the data and a different key is used to decrypt the data. The two keys are created as a pair. The encryption key, since it is not disclosed, is called the Private Key. The second, which can be distributed, is called the Public Key. Additionally, the public key can be used to encrypt data and the private key used to decrypt it. Using the public key to encrypt a symmetric key allows it to be decrypted only by the user that has the corresponding private key.
The next challenge that arises is verifying public keys. For example, Jane sends Bob an email message saying “Attached is my public key.” Bob then sends Jane an email saying “Here is my public key.” So Bob and Jane can now use these asymmetric keys to securely send a symmetric key. The symmetric key can then be used to encrypt and decrypt the file data. However a couple of days later Bob gets another email message from Jane saying ”New public key attached.” What should Bob do? Ironically at the same time Jane has receive an email from Bob saying ”New public key attached.” Let's say they both believe it is real. However, neither sent the keys.
A bad guy, intent on reading their encrypted data, sent these keys out. Jane uses the new Public key from Bob to encrypt the symmetric key and sends it out. The bad guy sees it and uses the fake private key he created for Bob to decrypt the symmetric key from Jane and store it. Then he uses the fake private key for Jane to encrypt the symmetric key and send it to Bob. Bob uses the fake public key from Jane and decodes the symmetric key. Now Jane and Bob think they are the only ones with the symmetric key and start sending encrypted messages. However, the bad guy also has the symmetric key and can also decode the data too.
What was needed was some way of validating that the public key came from the person that claimed it. The concept of a digital certificate resolves this challenge. A company called a Certificate Authority sets up a way to validate user identity. They send out their public key to everyone who trusts them. The users then send their public key to the CA. The CA verifies their identity and encrypts their public key with the CA private key. The resulting file is now sent out in lieu of a public key. When the recipient receives it they decrypt it with the CA public key and get the validated user's public key. The user public key that was encrypted with the CA private key is called a digital certificate. This is used in HTTPS web connections.
A website owner will generate their Public/Private key pair. They will send it, together with the required documentation, to a digital certificate provider. (There are many out there; just search the Internet.) The digital certificate provider, after authentication, sends back the digital certificate. The web site owner can now set up an HTTPS web site. The digital certificate is sent to the web site user. If the public key of the CA is loaded into their browser, then the website Public key is extracted automatically. The website can now use their private key to send symmetric keys to encrypt the data. A secure channel can now be established. Plus, the website user can also use the digital certificate to validate the website address.
April 01, 2015
River cruiser to ferry MPE exokernel mission
An obscure, elite set of EU computer scientists will tackle the looming challenge of slimming down the 3000's operating system this summer, working aboard a cruise ship plying the waters of Europe's river system. The fledgling coalition of seasoned developers will occupy the Norwegian Avignon Passion II on a route between Budapest and Prague, taking on Eastern Bloc developers at Regensburg, Melk, and Roth along the Danube.
The design team's leadership said they were inspired by the Salesforce Dreamforce cruise liner accommodations at this summer's conference. That 135,000-attendee event will handle some needs for lodging and services from the Celebrity Eclipse. The design team will go the next step and cast off its lines in Central Europe, rather than stay tethered to a pier of prior engineering.
"There's nothing we'll want for while we're afloat," said Jean Noosferd, the group's managing director. "It's just us, three million lines of code, and the passion we have to make MPE as popular as Linux." Microkernels for Linux are lifting the popularity for these slimmed-down instances of an OS.
Working from the concept of an exokernel — MIT designs that are much smaller than a normal kernel such as MPE/iX's current monokernel design, and even smaller than a microkernel — the group will leverage the work of open source teams such as the Polish-based Pjotr Mandate. The object is to reduce the installation and management footprint of PA-RISC-ready operating systems. If successful, the development cruise will dock at Prague and release its team of scientists.
"If not, we sail back to Budapest and rework our designs," Noosferd said. When a new version of MPE emerges from the work, the Passion II will remain afloat to preserve the legality of an adapted and enhanced 3000 OS. The software will be sold and distributed using cloud-based Moonraker servers. HP's restrictions on the MPE source code prohibit new versions to be released in any country. "We'll be sailing between countries," Noosferd said. "International law is in force, and so intellectual property ownership will be preserved."Operating in close quarters, the set of scientists will be using small teams, the organizational structure that gave the world the initial breakthrough of MPE. "We all believe in mono-tasking," Noosferd said. "Small teams and small projects are beautiful, and working from staterooms aboard the Passion II will squeeze the best from us. It's like the quote from William Morris, 'Have nothing in your houses that you do not know to be useful, or believe to be beautiful.' We'll have nothing aboard but bytes and brains." Noosferd said that rumors of powering the developers on a steady diet of Beluga caviar are "as outlandish as running a 3000 from an iPhone."
Like an exokernel, which delivers more direct access to a computer system's hardware, the development cruise will remove most distractions. "Unlike that Dreamforce ship, we won't be released to the sea," Noosferd said. "Like MPE's community, we respect boundaries, such as those riverbanks along our path."
The original MPE was designed to operate in a tiny 64KB memory space. If successful, the entire instance of what being called MPE-ExO could fit on an HP Moonshot micro-server. That low-cost hardware has been promoted as a hosting platform for hyperscaled processor computing. Intel's Atom processors — so-named because of their size — are the workhorses of Moonshot.
March 13, 2015
Fiorina campaigning again, against Clinton
Former HP CEO Carly Fiorina pushed herself to the front of news again, as a story in the New York Times chronicled her campaign against former Secretary of State Hillary Clinton. Fiorina has spent the last several years aiming criticism at Clinton, including a recent swipe that attempts to smear Clinton's travels around the world.
"Like Hillary Clinton, I too, have traveled hundreds of thousands of miles around the globe," Fiorina said, "but unlike her, I have actually accomplished something.” The claim recalled memories of Fiorina's most lasting accomplishment from her HP days: hawking a merger that pushed out the values and influence of the Hewlett family.
Thirteen years ago this week, a raucous stockholder showdown in Delaware ended with Fiorina's forces victorious, approving the Compaq merger. Walter Hewlett, son of HP founder Bill Hewlett, contested the vote in a lawsuit. HP directors on Fiorina's team responded by refusing to nominate Hewlett to keep his seat on the HP board.
Many actions of that period were designed to make HP bigger. Low-growth product lines were cut or de-emphasized, most particularly in the HP 3000 world. Despite the efforts to puff up HP, though -- and continue revenue growth to satisfy shareholders -- the plan had no effect on stock value. By the time Fiorina was fired in a board move -- 10 years ago this month -- HP shares sold in the low $20s, just as they did on the day of that Delaware merger victory.
Those inflated accomplishments of her go-go strategy were not misunderstood by the Times writer. "Her business career ended... in one of the more notorious flameouts in modern corporate history," Amy Chozick wrote today. "After orchestrating a merger with Compaq that was then widely seen as a failure, she was ousted in 2005."
The failed merger with Compaq did give HP a product with some foothold in 3000 migration projects, though. The ProLiant servers from Compaq are competitive with Dell and Lenovo systems for installations of Windows Server, the most-chosen alternative to HP 3000s.
Fiorina's tone has been strident, much as it was during her tenure when the 3000 was cut loose by HP. She's most recently tried to assert Clinton has stolen concepts and intellectual property from her.Pushing onward without regard for reality was among the things that got Fiorina fired 10 years ago. HP's board had trouble getting her to relinquish controls that might've tempered her mission to acquire corporations. In her Clinton attacks, Fiorina claims the title of the autobiography she wrote, Tough Choices, was appropriated by Clinton when the former First Lady wrote Hard Choices.
A Twitter image on a Fiorina feed posted the covers of the books side by side. There's also the former CEO's claim that a Clinton speech to female tech professionals, saying that women can "unlock our full potential," is a theft of Fiorina's Unlocking Potential Project.
The Times article, as critical of Fiorina as the former executive has been of Clinton, prodded that claim, too. "Fiorina came in for some derision on The Huffington Post, which recounted the tussle under the headline “Overused Management Bromide Now The Exclusive Property of Carly Fiorina, Apparently.” "
The CEO who led the HP which cut off its 3000 plans has many critics in the community to this day. The impact of a rush to expansion kept HP off its legendary game of R&D, according to HP's former VP of Software Engineering Chuck House. OS marvels of their day like MPE don't flow out of HP labs any longer.
A recent $2.7 billion acquisition of Aruba Networks is the latest HP purchase, buying technology that promises a cutting-edge firewall to enable mobile enterprise computing with the Aruba Mobility-Defined Network. HP says the deal "positions Hewlett-Packard to accelerate enterprise transition to a converged campus network." It's also about 90 percent smaller than the Compaq merger — more in line with the reduced HP of today.
March 10, 2015
Size matters not: Gigaom blog folds fast
News surfaced this morning about the landmark tech blog Gigaom. The New York Times reports that the massive operation switched off its news reporting in a rush sometime yesterday. The halt of news and postings was as swift as the one Interex experienced almost 10 years ago. Like the user group's demise, unpaid bills were Gigaom's undoing.
Gigaom was big enough to produce conferences. It also offered a white-paper research business. And like the NewsWire, it sold advertising. None of that was enough to keep away Gigaom's creditors. In an echo of what happened at the 3000's final user group that focused on the server, big was no protection against borrowing.
The Times story quoted the site's founder Om Malik in a confirmation statement. "Gigaom is winding down and its assets are now controlled by the company’s lenders,” he said. “It is not how you want the story of a company you founded to end."
One commenter asked, "What does this mean for upcoming events like GigaOM Structure Data next week?" Indeed, like the Interex meltdown, GigaOm has many commitments to keep and by now the lenders are taking control of operations. The scope of failure is similar to the HP World show that never opened in August, 2005. More than $300,000 in tickets were sold to this month's GigaOM conference. There's no word on refunds. For the moment there's no announcement of bankruptcy, though.
All-digital was the only platform GigaOM ever used to spread information. One comment suggested that tech journalists are writers who couldn't make it elsewhere in publishing. That's too broad a brush considering the number of online tech writers. But it's easy to fill a digital outpost with opinions and little news.
The caliber of content is important. So is a manageable mission. Being small and profitable has been the watchword for nearly all of the 3000 vendors and companies since I got here, more than 30 years ago. All of us have been managing risk in what's clearly a contracting market. Gigaom's shutdown is the sort of outcome an IT manager might experience if an app vendor went dark overnight.Unlike Interex, the Gigaom site remains online today, filling up with comments from its loyal readers. Some are dancing on the blog's grave. Gigaom opened for business a year after we started the NewsWire's blog. The changes in the Web publishing model have been profound -- and that's in a marketplace with new technology and systems rollouts.
About a year ago, the blog's founder Om Malik announced he'd reeled in a fresh $8 million of funding for his operations. He also joined the venture fund investment company, "and so I'm hanging up my reporter's notebook." It's an interesting image, that hanging up of a notebook. We don't wear hats any longer in the press like reporters did in the Fifties. But really, you file away notebooks, and the research and learning that started in notebooks at GigaOM will remain online for awhile. That's one advantage of being all-digital: what you provide is a legacy that needs little more than a hard drive and a Web address to survive.
Anyone who writes news for a living might see the fatigue in Om's notebook-hanging of one year ago.
Living a 24-hour news life has come at a personal cost. I still wake in middle of the night to check the stream to see if something is breaking, worrying whether I missed some news. It is a unique type of addiction that only a few can understand, and it is time for me to opt out of this non-stop news life.
Malik had a lot in orbit, so the crash will sound large. Smaller blog ventures will create more stories starting today. Yoda's line from the Empire Strikes Back rings out at me this morning. "Size matters not," he told Luke. "Judge me by my size, do you? And well you should not. For my ally is The Force." We can all feel The Force when we feel small -- in markets, in futures, in whatever we would like to dream.
February 27, 2015
Dow hits record while HP shares fall out
On the day the Dow Jones Industrial Average reached a record pinnacle, Hewlett-Packard released quarterly results that pushed the company's stock down 10 percent.
HP is no longer in the Dow, a revision that the New York Stock Exchange made last year. HP is revising its organization this year in preparing to split in two by October. The numbers from HP's Q1 of 2015 indicate the split can't happen soon enough for the maker of servers targeted to replace HP 3000s. The company is marching toward a future more focused on enterprise systems -- but like a trooper on a hard course, HP fell out during the last 90 days.
HP said that the weakness in the US Dollar accounted for its overall 5 percent drop in sales compared to last year's first quarter. Sales would have only fallen 2 percent on a constant-currency basis, the company said. It mentioned the word "currency" 55 times in just its prepared marks of an earnings conference call this week. The 26.8 billion in sales were off by $1.3 billion on the quarter, a period where HP managed to post $1.7 billion in pre-tax earnings.
That $1.7 billion is a far cry from Apple's $18 billion in its latest quarter profits. HP's arch-rival IBM is partnering with Apple on enterprise-caliber deals.
Meanwhile, the still-combined Hewlett-Packard has rolled from stalled to declining over the last 18 months, which represents some of the reason for its bold move to split itself. "Enterprise trends are set to remain lackluster absent a transformative acquisition," said one analyst while speaking to MarketWatch this week. Two-thirds of the $5.5 billion in Printing came from supplies. Ink is still king in the printing group
Industry Standard Systems (Intel-based Windows servers) provided the lone uptick in the report. Sales of products such as the newest Gen9 ProLiants lifted the revenues up 7 percent compared to the Q1 of 2014. HP is ready to take advantage of upcoming rollovers in Windows Server installations.Results from the Enterprise Group delivered another chorus of downbeat numbers for the Business Critical Systems operations. The group where HP's Unix and VMS enterprise servers are created saw its sales fall 9 percent from last year's Q1. Of course, that period showed a revenue drop as well. BCS operations -- where the HP 3000 resided when it was a Hewlett-Packard product -- haven't seen any recovery in more than two years.
BCS results have been so consistently poor that HP considered that 9 percent drop a good sign. "We also saw some recovery in business-critical systems," said CFO Cathie Lesjak, "with revenue down only 7 percent in constant currency or 9 percent as reported."
Lesjak pointed out to the analysts on its conference call that hardware such as the Integrity HP-UX servers are vulnerable to the value of the US Dollar.
Our personal systems and our Enterprise Group hardware businesses have very little in natural hedges, as our component contracts are typically in US dollars. As a result, these businesses are disproportionately impacted by currency movements. However, we do have some ability to increase pricing in response to currency movements, while being mindful of competition and potential negative impacts to customer demand.
HP is expecting all of the 2015 hardware growth in the Enterprise Group to come from its Gen9 lineup of ProLiant systems. Windows Server 2003 has an expiration date for its support coming up in July, an event that HP believes will give it some fresh wind in its enterprise sales.
"I think we are really well positioned to take advantage of Windows 2003 refresh, just as we were from the XP migration and the PC business," said CEO Meg Whitman. "I think we feel really pretty good about that business for the reminder of the year. And I think we are very well positioned .and the Gen9 server was dead-on, from the market perspective."
February 26, 2015
Not a good night to news — a new morning
Last week on this day we announced we're going all-digital with HP 3000 news. So what follows here is not a good night to publishing, but a good morning. Early each day I trek to my Mac and open a digital version of our Austin newspaper. We make coffees and print out the day’s crossword and number puzzles, using the digital American-Statesman. Abby I write on these two pieces of paper, front and back, because it’s the classic way to solve puzzles. But the rest of the day’s news and features arrive digitally. We can even follow our beloved Spurs with a digital version of the San Antonio paper, scanning an app from our iPads.
We discovered that we don’t miss the big, folded pages that landed on our driveway, the often-unread broadsheets that piled up under the coffee table. I hope you won’t miss those mailed pages of ours too much. Paper is holding its own in the book publishing world, yes. The latest numbers show 635 million printed books sold in 2014, a slim 2 percent rise over 2013.
But this is the news, periodical pages whose mailed delivery period is usually measured in days. A tour of publications that quit print in the past year or two is in order. We start with the most recent retirement, Macworld. Its final print issue mailed last fall — now all-digital. It sells what it is calling “digitally-remastered” articles, something aimed at iPad readers. The subscription cost has even increased.
How about some venerable newsweeklies, like US News & World Report and Newsweek? Both still serve stories from lively websites. Their stalwart competitor Time still sits on waiting room tables and newsstands, though. But just 48 pages of print is the norm for that weekly.
Some publications in our own 3000 world pulled their plug too early, or too late, to deliver a digital generation.In our world, Interact magazine and its cousin HP World stayed too long at the fair and collapsed along with the user group Interex. HP Professional, HP Omni, HP User — all made their exit before digital rose up as a vibrant publishing outlet. PC World evolved to digital in 2013, after printing 750,000 copies a month in 2006. That’s a lot of pulped trees being sacrificed for the needs of that publication’s advertisers.
The advertisers, our sponsors, made the NewsWire a success. We began our ongoing journey with the ideal of making subscriptions the biggest part of our business model. But the printed trade journals of the 1990s made short work of that idea. Readers were avid, yes, but unwilling to pay in great numbers.
Sponsors like ours stepped up to tap that readership with support for our pages, whether in print or on the Web. There have been more than 210 companies who have made our 8 million printed pages possible, so far. Our final printed issue, Winter 2015, has pages sponsored by the most stalwart and steady. Others are already all-digital sponsors. Some support us simply to ensure the 3000 has a digital outpost.
More than 19 years of printing and mailing pages is what your community and all those sponsors enabled. There are digital editions in our future and yours. The community continues to require the vantage point of a publication, a place to discover stories about themselves.
Some stout espresso and sharp pencils start most days around my house. Finding what’s new, and chronicling it in a story, remains fun and useful creation. The early morning's spark and the durable magic of email, plus the Web, helped us create the NewsWire’s print. Now it’s our time to spark the rest of our ride using our digital bolt.
February 23, 2015
Rackspace lines up for MPE cloud Charon
Stromasys has started to offer cloud-based versions of its HP 3000 virtualized server, after successful tests using Rackspace as a cloud provider. The software solution’s total ownership cost will drop as a result, according to company officials.
The Charon HPA virtualization system is also being sold at an entry-level price of $9,000, according to Razvan Mazilu, Global Head of Presales and Services. That price point delivers an A400 level of performance with eight simultaneous connections.
“The price range for our solutions goes from $9,000 for the HPA/A408D to $99,000 for the HPA/N4040,” he said.
Deploying that software in a cloud setting is still in early stages, now that the testing was completed in November. Stromasys says customers can use their own cloud providers, or Stromasys can recommend a provider as robust as Rackspace.“This is a brand-new feature that we are implementing,” Mazilu said. “We are talking to a couple of new customers about this, and so it’s on the table, rather than hosting their own systems at their site. Remote sales people, for example, don’t have to go to the office.”
“A customer doesn’t have to create a remote access infrastructure to provide users with access to the systems. This removes the boundaries from the systems. Since the 3000s are usually quite old, they tend to be forgotten when it comes to providing remote access to them.”
By going with a cloud installation, “they do not need to invest in the day-to-day operations and maintenance, either,” said Alexandre Cruz, Stromasys Sales Engineer. Cruz has been in close contact with the HP 3000 customers using Charon. He added that “being on a contract with a cloud provider, they can cancel at any time.”
Implementing the cloud version of Charon on Rackspace showed no decline in performance, Cruz said. “I had a very big pipe, 250 megabits, and that’s not the top of the top-end for systems. We can improve on the network speed if needed.”
February 20, 2015
Turning the Page on Paper News
We always knew that digital delivery was part of The 3000 NewsWire mission. We branded our publication with the word “wire” because that’s what the world understood in 1995 about anything beyond printed information.
Closing in on 20 years later, it’s time to unplug from print. The change has been inevitable, a lot like many changes for the 3000 community’s members. It also mirrors the way information and content moves today: virtually without wires.
In the year that my wife Abby and I started the NewsWire, using wires was essential to staying connected. Our computers were wired to the network, the modem wired to the computer. Our music came to us over a CD player wired up to a stereo receiver, and the receiver was wired to our big honking speakers.
Today it’s all wireless, and starting after this month's Winter issue, just mailed, we’ll be all paperless. Our music and computing has gained flexibility and speed while it shed its wires. Going paperless and wireless amount to the same thing: embracing a new, fluid future for what we need.
When I started writing this news resource, I had to be connected via wires just to make a paper product. Now we can send and receive information with no wires to speak of, except for those in the datacenters where our information is stored and exchanged. The laptop is wireless, tablets and phones are wire-free. So can build on what we’ve shared for close to 20 years using no paper. Even the invoicing has gone all-digital.
We still love paper here. There’s no future that I can see where paper won’t be a special medium for consuming and enjoying some stories. But for news, and things that evolve, digital delivery is the flexible choice for 2015 and beyond.
No, this isn’t our end-of-life notice. But after more than 8 million mailed pages since 1995, we can go farther with digital delivery.The world of the NewsWire beyond print is just as real as the years of 3000 life after the Hewlett-Packard announcement of 2001. We’ve printed far more issues and dispensed more news since the week of that November notice than before it. For 13 years afterward, print issues of the NewsWire have rolled off a press. Instead, this transition for us is a total commitment to what’s been our primary medium for more than nine years.
Our print issue readers have been enjoying and archiving paper copies since before there was Google, Amazon, or Apple’s iPod. We’re just following the lead of countless news outlets who’ve transcended their boundaries of column inches and the limits of page counts that they had to bind within covers.
Print has been important, so crucial to our work that growing into this moment never would have been possible without the many pages mailed across three different decades. By our accounting, we’ve sent more than 8.5 million pages into worldwide postal systems, as well as distributed at shows, since the year when Lew Platt was a new CEO at HP.
When Abby and I launched this venture during the prior century, no digital-only information resource could be taken seriously. A website? You had to be more than that. After more than a generation, the picture has flipped — enough that an evolution to all-digital confirms the view that what’s important is what’s written and shown, regardless of its medium.
It’s a transition that’s akin to what the 3000 is going through this year and beyond, as the aging HP hardware starts to cross over into cloud virtualization. We once needed print as much as MPE needed PA-RISC chips. Now each is a throwback. Your market still wants to look forward.
Even with all of that certain strategy, this was not an easy step to take. Abby and I grew our careers in the era of printed publishing. The smell of fresh ink on crisp paper — whether it was newsprint like the tabloids such as the HP Chronicle where I started, or the 60-pound white stock of the NewsWire — still triggers a rising heartbeat and a tug at heartstrings.
When we rolled off the press in 1995, we loved paper as much as we loved immediacy, the certainty that we offered as much as anyone could know on the day we printed. Just as we shipped off Issue No. 1, we created the FlashPaper, a last-minute roundup of the latest 3000 reports on a stuffed-in, goldenrod-colored sheet. Not long after that, we went to e-mail delivery of other stories in an Online Extra. It’s been a great ride to push the paper this far.
February 19, 2015
NewsWire Goes Green
After almost 20 years of reporting news and technology updates using our printed issues, The 3000 NewsWire goes to an all-digital format following this month's Winter 2015 print issue. It's our 153rd, and this announcement marks our new focus on delivering information exclusively online.
This is not a farewell. We're only saying goodbye to our paper and ink.
The articles and papers published on this blog will continue to update and inform the MPE community. After racking up more than nine years of digital publishing, this blog now has more than 2,500 articles, including video, podcasts, and color digital images from resources around the world. We have immediate response capabilities, and rapid updating. We have a wide array of media to tell the stories going forward from 2015.
It’s the reach of our Web outlet that enables the strategy to take the NewsWire all-digital, also reducing the publication’s eco-footprint. Online resources go back to 1996. We'll take special care to bring forward everything that remains useful.
The first paper issue of The 3000 NewsWire appeared in August of 1995 at that year’s Interex conference in Toronto. We hand-carried a four-page pilot issue to Interex '95. To introduce the fresh newsletter to the marketplace, HP announced our rollout during its TV news broadcast 3K Today.Throughout our publication’s history, the Web has offered a growing option for news distribution. After websites became the primary means for news dissemination, in 2005 this blog took over as our primary outlet for reports. The quarterly print issues across the last two decades have summed up the greatest hits of these reports, each covering the prior three-month period.
The blog now becomes the exclusive source for updated 3000-related news and market updates. But there will continue to be digital editions of the NewsWire, edited and curated for our readers in PDF formats. This new Digital Focus product will offer fine-tuned searching capability. The dizzy array of outside weblinks will fall away in a Digital Focus PDF compilation. And creating PDFs for passing on our articles will be easier, too.
Our daily updates for new articles are available via Twitter by following @3000newswire. We've had an RSS digital feed for almost 10 years by now, too.
We're working on evolving our presentation while we go green in 2015. We'd love to hear from you about our growing digital development, and what you'd like to see in this new year.
February 05, 2015
Getting Chromed, and Bad Calls
The HP 3000 made its bones against IBM's business computers, and the wires are alive this week with the fortunes of Big Blue circa 2015. Starting with meetings yesterday, the company is conducting a Resource Action, its euphemism for layoffs. IBM employees call these RAs, but this year's edition is so special -- and perhaps so deep -- it's got a project name. The cutting is dubbed Project Chrome, and so the IBM'ers call getting laid off Getting Chromed.
Hewlett-Packard has never wanted to call its layoffs by their real name either. The first major HP layoff action during the 3000's watch came in the fall of 1989, when more than 800 of these separations were called "being excessed." Employees had four months to find a new place inside HP, but had to search on their own time. Engineers and support staff were given the option to remain at the company, but jobs at plant guard shacks were among their new career options. Another virulent strain of HP pink slips came in the middle of the last decade, one of the purges in pursuit of better Earnings Per Share that pared away much of the remaining MPE/iX expertise from the vendor.
Aside from bad quarterly reports, these unemployment actions sometimes come in the aftermath of ill-fated corporate acquisitions. This week on CNBC's Squawk Box, analysts identified HP's Compaq merger as one of the worst calls of all time. The subject surfaced after the questionable call that led to a Seattle defeat in Sunday's SuperBowl. A big company's failures in new markets can also be to blame for getting Chromed. IBM has seen its revenues and profits fall over the last year, while mobile and cloud competitors have out-maneuvered Big Blue.
IBM has already shucked off the Cognos development tool PowerHouse as of early last year, but now comes word that other non-IBM software is getting its support pared back in the RA. In the IEEE's digital edition of Spectrum, one commenter made a case for how IBM is sorting out what's getting Chromed.
The digital article on the IEEE website also includes some reports that employees over 40 have been targeted. They then saw the company threaten to withhold severance packages if age-discrimination lawsuits were filed.
I am the last US resource supporting a non-IBM software package, which is in high demand globally -- yet the powers that be seem oblivious to it. Rather than create a dedicated group to go after that business, they cut anyone with that skill, since it is not an IBM product and therefore, "not strategic." Unfortunately the company continues to gamble on their Tivoli products, which clients seem to embrace about as much as Lotus Notes, rabies and bird flu.
HP and IBM have a lot in common in their workforce makeup. Both employ more than 300,000 workers as of last year, and while those numbers lead the industry, neither is among the top 15 employers worldwide in headcount. However, HP and IBM manufacture goods, so they look up at the largest manufacturing worker employer, Volkwagen. There are 555,000 VW employees.
HP's employee count rose into six digits, and then doubled again, as a result of two acquisitions. Compaq drove the headcount to above 140,000, a 65 percent increase. Then in 2008, EDS became an HP operation, and the headcount soared to 349,000. Since 2011, the workforce at the vendor that's still working to sell some HP 3000 replacements has dropped by 15 percent. The current HP layoff plan — a layoff strategy has been in place for more than five year — calls for a total of 55,000 job eliminations by the end of this fiscal year.
These employee cuts are the result of relentless pursuit of EPS growth, so that the numbers reported to shareholders can show an increase in spite of flat to falling revenues. Stock prices at HP have recovered to 2005 levels amid the HP layoff march. But IBM's share price took a 12 percent dive on a single day this fall, is now below its mark when current CEO Ginni Rommety took over, and hovers today around $160 a share.
Rommety was rewarded for her performance in 2014 with a $1.6 million bonus. The tepid stock of IBM made it "the worst performer in the Dow Jones Industrial Average for a second straight year," according to Bloomberg News. The company that once proudly wore the reputation "nobody ever got fired for buying IBM" is doing a lot of firing this week.
January 30, 2015
Where a Freeware Emulator Might Go Next
It was always a little proof of a brighter future, this freeware emulator distributed by Stromasys. The A202 release might be shared with prospects in the months and years to come. But for now the program has been discontinued. One of the most ardent users of the product, Brian Edminster, sent along some ideas for keeping an MPE enthusiast's magic wand in a box that's open to the community.
Edminster was trading ideas with the vendor for improvements to Charon HPA more than a year and a half ago. He's noted that having a public cloud instance used for demonstrations, a bit like HP's Invent3K of a decade-plus ago, would be a great offering for enthusiasts. He's had rewarding experience with the freeware's documentation, too -- an element that might've been an afterthought with another vendor.
By Brian Edminster
As much as I hate it, I can understand Stromasys pulling the plug on the freeware version of Charon. I just hope they can come up with a way to make a version of the emulator available to enthusiasts — even if it's for a small fee. At some time or another, that'll be the only way to run an MPE/iX instance because all hardware will fail, eventually. (This is said by someone that still has a few MPE/V systems that run, and many MPE/iX systems that do).
I guess the real trick is finding something that prevents the freeware version of the emulator from being viable for use by anyone but enthusiasts. I'd have thought that a 2-user license would be enough for that, but apparently not.
I'd imagine that limiting the system to only the system volume (MPEXL_SYSTEM_VOLUME_SET), to only allow one emulated drive, and perhaps limiting the emulated drive-size to 2Gb or less might be enough. But not knowing what kind of applications were being hosted against the license terms makes it hard to say for sure.
The only other thing I can think of might be requiring the emulator to 'phone home' (via Internet connection) whenever it was fired up, and have it 'shut off' within a given time if it couldn't. But even that wouldn't always be definitive as to the 'type' of use occuring.
Seems that trying to avoid paying for something can inspire far more creativity than it should, when truthfully, it's probably cheaper to just “pay the fee.” Perhaps having an Archival licence, where the instance is in-the-cloud and payment is based on amount of resources used, might provide enough incentive for enthusiasts and everybody in the community to do the right thing.Seems that a limited freeware version, and reasonably 'less-limited' cloud versions with a pay-as-you-use-it license, would be the way to go. Perhaps charge a setup fee with a small annual fee to keep the instance present, then charge for the amount of time used (especially when the intended usage is 'archival'). This harkens back to the days of 'time-sharing', back when it was too expensive to own a box of your own.
I know it may not be possible with the Stromasys Charon-HPA product, but the Eloquence DBMS and it's Basic-like development language system has had a 'freeware/evaluation' copy that's limited in a way that makes it unsuitable for any sort of production use. It's done by limiting 'storage' (the total database size) to about 50Mb and just a few users.
Eloquence freeware therefore provides plenty to allow 'personal' use, to learn the tool — but not nearly enough to host any sort of practical production system. It's a unfortunate that Stromasys didn't do something similar with Charon-HPA.
But there’s still a chance to make things different, going forward.
Brian Edminster is the founder of Applied Technologies, a consulting, development, and systems management firm specializing in HP 3000s and the open source freeware that can make them more powerful.
January 27, 2015
Emulator's downloadable free ride ends
Stromasys has discontinued the freeware download distribution of the A202 version of its Charon HPA emulator. According to a company official, "We're ending the freeware distribution due to the unfortunate use of that software in commercial environments."
The A202, just powerful enough to permit two simultaneous users to get A-Class 400 performance, was always tempting to very small sites. Stromasys was generous enough to permit downloading of the software, as well as the bundled release of MPE/iX FOS software, with few restrictions starting in November of 2012. But the instructions were explicit: no use in production environments.
However, A-Class 400 horsepower would be enough for companies putting their 3000s in archival mode. It would also be a workman-grade emulation of a development-class 3000. Some companies may have spoiled the freeware largesse for all. It's unlikely that one customer would report another's commercial use of Charon to emulate 3000s. But there's always the possibility that someone might have, say, contacted the company on a support matter. For a commercial setting.
The virtualization product was pared back to give 3000 sites a way to prove it would match up with the technical requirements of existing 3000s. Indeed, Charon has proven to be a thorough emulation of PA-RISC 3000 hardware. Running it in production requires a paid license and a support contract. The latest information from Stromasys' Alexandre Cruz shows the entry-level price at $9,000.
The Charon HPA freeware that's been installed around the world is still capable of emulating a 3000. But its intended use is for enthusiasts, not working systems managers who administer production machines.The A202 was offered on the honor system. The software required the installer to supply a valid HPSUSAN number upon installation before the software would boot an Intel system as an HP 3000.
There's no mistaking the intention for the freeware, though. From the Version 1.5 Freeware documentation, under the Licensing Restrictions section:
The CHARON-HPA/3000 Freeware Edition is licensed for use in the following environments only:
Enthusiasts: unlimited personal non-commercial use.
Commercial: limited to evaluating the product.
The Freeware Edition may not be integrated into production environments. The CHARON-HPA/3000 Freeware Edition is supplied with a preconfigured HP 3000 disk image that contains a copy of MPE/iX 7.5 FOS. The Freeware Edition will only load after you have configured it with an HPSUSAN number that you are legally entitled to use. You must agree to respect these license restrictions before you will be able to download the Freeware edition installation files from our website.
The freeware will continue to be distributed to prospects who contact the sales force. No other freeware Charon versions -- to be used for the Digital VMS environment, or Sun Solaris -- are available for download from the recently-revamped Stromasys website, either.
Users Guides for the 1.5 release of the freeware, as well as for the older 1.5 release of Charon production-license software, remain online at the Stromasys website.
January 23, 2015
Pending questions about the latest HPA
It often does not take long for reactions to arrive here to NewsWire stories. It's a prime advantage of having a digital delivery system for our news and tech reports. We learn quickly when we've gotten something incorrect, and then can fix it.
But supplemental information sometimes takes longer to fill in. After we posted our article of yesterday about the new 1.6 release of the Stromasys Charon HPA emulator, Brian Edminster of Applied Technologies offered immediate questions. Like us on this very evening, he's seeking more details about the features and updates of 1.6.
I'm especially interested in anything that would make configuring the networking easier, as I found that to be the most difficult part to deal with on my downloadable evaluation copy (However, I've still got the nearly ancient v1.1). [Editor's note: we suspect that the new Network Configuration Utility will simplify this complex configuration task.]
I'd imagine that if these v1.6 updates are available in the evaluation version, I could find all this out myself. But the Stromasys website only has fairly sparse documentation available (compared to their other emulators), and it's for version 1.5, not 1.6.
I tried finding out if this latest version of the freeware edition is downloadable, but I can't find any links on their website to the download link. The website is newly redesigned, and looks a lot fresher, however.
I've looked in the A202 freeware edition's User Guide (v1.5) and it says that the downloadable edition can be found at a particular URL: www.stromasys.com/hp3000_freeware. But try as I might, that URL wouldn't work for me. I kept getting a '404' error, indicating that the link wasn't present.
Is there updated documentation coming? I have to say that those v1.5 docs are light years ahead of what was available when my v1.1 was current.
January 16, 2015
What's ahead for the HPs of 2015?
Last year Hewlett-Packard announced it's going to split up in 2015. Right now it's a combined entity whose stock (HPQ) represents both PC and enterprise business. But by the end of this fiscal year, it will be two companies, one called HP Inc. and another holding the classic Hewlett-Packard name. Any of the enterprise business that HP's managed to migrate from 3000s sits in that Hewlett-Packard future.
Most of time, the things that HP has done to affect your world have been easy to see coming. There's a big exception we all know about from November of 2001. But even the forthcoming split-up of the company was advocated for years by Wall Street analysts. It was a matter of when, some said, not if.
If can be a big word, considering it has just two letters. There was an HP ad campaign from 30 years ago that was themed What If. In things like TV commercials that included shots of HP 3000 terminals, What If sometimes proposed more radical things for its day, like a seamless integration of enterprise mail with the then-nouveau desktop computers.
HP called that NewWave, and by the time it rolled out the product looked a lot like a me-too of Apple and Microsoft interfaces. But What If, rolled forward to 2015, would be genuinely radical if there were either no HP left any more, or Hewlett-Packard leveraged mergers with competitors.
What If: HP's PC and printer business was purchased by Lenovo, a chief competitor in the laptop-desktop arena? Its new CEO of the HP Inc spinoff ran Lenovo before joining HP. On the other hand, what if HP bought Lenovo?
What If: Hewlett-Packard Enterprise became a property of Oracle? That one is a much bigger If, considering that HP's built hardware in massive quantity for a decade-plus along four different product lines: Integrity, PA-RISC (still generating support revenues in HP-UX), ProLiant x86s, and its dizzying array of networking products. You could even label forthcoming dreams like The Machine, or the Moonshot systems, as hardware lines. Oracle's got just Sun systems. As 3000 customers know, hardware is not a firm stake in the ground for business futures.If there's anything that seems certain here in January, it's that the creator of MPE, IMAGE and PA-RISC will continue to pursue enterprise business customers of its competitors. The customers of firms like IBM and Oracle (Sun) are just about all that can be nabbed by a purveyor of enterprise environments that are proprietary — the lame-duck VMS, the NonStop OS, and HP-UX.
The computer industry hasn't had an earthquake of a deal that'd register Oracle+HP tremors since HP bought EDS in 2008 for $13.9 billion. HP bought Compaq in 2002 for $25 billion. That's a lot of simoleons in a computing market that's growing. Dollar-wise, Oracle acquiring HP would've been 40 percent cheaper one year ago. HP's market capitalization today is $70 billion, and it was just $50 billion in January 2014.
That is, of course, the size of the un-divided HP. Hewlett-Packard Enterprise will be valued at half that. But if you could acquire the entire HP at $50 billion one year ago, and in 2015 that money would only buy half the company — and the part that's growing much more slowly — why do it when it costs more?
Oracle is more than twice the size of HP, though, in market capitalization. Right now Oracle is at $189 billion in market cap. Nobody learns about deals of this size between titans like these until the agreement is right under our noses. Everybody's got to convince their shareholders, too. An epic battle was waged over HP's Compaq purchase over just that circumstance. We can't tell, but your community also knows that kind of surprise is also true about lopping off business product lines — ones that are profitable and beloved, too.
January 15, 2015
New service level: personal private webinar
Software and service providers have long used webinars to deliver information and updates to groups. Now one vendor in the HP 3000 market is making the webinar highly focused. MB Foster is scheduling Personal Webinars.
CEO Birket Foster is available for private bookings with customers or prospects who need questions answered on a variety of topics. According to an email sent this week, the list from the company's Wednesday Webinars over the past few years includes
- Application Migrations, Virtualization, Emulation, Re-host, Retire, Replace
- Data Migration, Transformations, Decommissioning
- Big Data
- Bring Your Own Devise (BYOD)
- Data Quality, Governance, MDM (Master Data Management)
- Decision Support, Advanced Analytics, Dashboarding
- User reporting, ad hoc query and analysis
- Using Powerhouse in the 21st Century
- Enterprise Windows Batch Job Scheduling
- ITIL and APM
- Document Management
- Enterprise Data Storage
The vendor says to schedule this one-to-one briefing contact Chris Whitehead at 905-846-3941, or send a request to firstname.lastname@example.org, along with the desired topic and available dates and times.
For the past 3 years MB Foster has hosted Webinars every Wednesday at 11 am PST and 2 pm EST. As not everyone is available on a Wednesday, we are offering "Book a Private Webinar." If you have a topic your organization needs to address we would be pleased to conduct a webinar with your team.
If you have an alternative suggested topic, we would appreciate the feedback. Whatever the topic, we will have the webinar team include a subject matter expert to address your needs.
January 05, 2015
Securing cloud promises hardware freedom
If a 3000 manager or owner had one wish for the new year, it might be to gain hardware assurance. No matter how much expertise or development budget is available in 2015, not much will turn back the clock on the servers -- the newest of which were built not very long after Y2K. The option to escape these aging servers lies in Intel hardware. Some sites will look at putting that hardware out in the cloud.
Say the word cloud to an HP 3000 veteran and they'll ask if you mean time-sharing. At its heart, the strategy of the 1970s that bought MPE into many businesses for the first time feels like cloud computing. The server's outside of the company, users access their programs through a network, and everyday management of peripherals and backups is an outsourced task.
But the cloud of 2015 adds a world of public access, and operates in an era when break-ins happen to banks without defeating a time lock or setting off a security alarm. Time-sharing brought the HP 3000 to Austin companies through the efforts of Bill McAfee. Terry Floyd of the MANMAN support company The Support Group described the earliest days of MPE in Austin.
The first HP 3000 I ever saw was in 1976 at Futura Press on South Congress Avenue in Austin. Bill McAfee owned Futura and was a mentor to many of us in Texas. Futura was an HP reseller, and aside from a wonderful printing company, they wrote their own software and some of the first MPE utilities. Interesting people like Morgan Jones hung out around Futura Press in the late 1970's and I can never thank Bill and Anne McAfee enough for the great times.
Jones went on to found Tymlabs, the creators of one of the bulwark MPE backup products. The HP Chronicle, the first newspaper devoted to the 3000, processed its typesetting using that Futura server. For all practical purposes this was cloud computing, delivered off mid-range HP 3000s such as the Series 42 (above), even deep into 1984. But 30 years later, this category of resource has become even more private and customized. It also relies on co-located hardware. That's where Rackspace comes in. It's the target provider for the new cloud-based installations of Charon. The Rackspace mantra is "One size doesn't fit all." That harkens to the days of time-sharing.While other companies have competitive offerings in cloud services, Rackspace has the advantage of building its business model around extreme customization and significant expertise in VMware. That VMware service forms the bedrock for the virtualization in Stromasys' product.
VMware management may not be tribal knowlege at some 3000 sites which are looking to move away from older hardware. Rackspace touts proactive management "24x7x365 by our VMware Certified Professionals. You get VMware's cloud management platform to build upon, while maintaining control through the vCloud web portal and vCloud API-compatible orchestration tools." Rackspace adds that it's one of the largest VMware-powered service providers in the world.
Security can't be virtual, however. Locking down access is as much a matter of physical security of storage and hardware as it is firewall protections. Just last summer, a survey of IT managers across the industry reported that "executives are not sure they can trust what cloud providers are telling them," according to an IDG-Unisys research paper.
Rackspace offers virtual private networks, Sophos anti-virus software, distributed denial of service (DDoS) protection and something called Alert Logic Threat Management in a Security Plus package. Stromasys technical presale manager Alex Cruz said that Rackspace has the flexibility that the virtualization vendor believes will be needed to host MPE servers in the cloud.
Calculating the capital outlay for moving MPE into virtualization is likely to put managers of 3000s into some advanced spending to master extra security. A cloud service provider like Rackspace can standardize that essential feature, even while it customizes the hardware and storage configuration that Charon for MPE will require. "Integrated vulnerability scanning," says the Rackspace brief on its security, "helps you identify possible points of entry and correct them, and assists you with meeting regulatory compliance requirements."
That survey of IT executives from last year reports that 70 percent of them believe security is the biggest obstacle to hosting from the cloud. HP 3000 sites might not have the most stringent enterprise-level security for their Intel-based systems in place already, so engaging a company that promises "Alert Logic security analysts" is one way to pursue expertise. Rackspace says its security services will help customers pass PCI bank-card and HIPAA healthcare audits. Some HP 3000s are still driving ecommerce companies, even more than four years after HP's support ended for MPE. Rackspace says it's the No. 1 hosting provider to the Top 1,000 Ecommerce websites.
December 31, 2014
Top Stories Lead MPE Into New Year
The remains of 2014 are down to just a few hours by now, a year that saw the virtualization of the system take new wings while migrations proceeded at a slower pace. We reported stories about surprising homesteading sites and new players in the community which counts MPE as a significant piece of history — and for some, a platform into 2015 and beyond.
But no story of the past year would be complete without a passage devoted to the passing of the enterprise torch into a smaller Hewlett-Packard. The company that created MPE and the 3000 passed the total management mantle to CEO Meg Whitman in the summer, making her chair of the full entity. A few months later it divided itself along enterprise IT and consumer lines. The year 2014 will be the last when HP stands for a complete representation of the creations of Bill Hewlett and Dave Packard. By this time next year, a spinoff will be vying for attention of the computing marketplace.
And in one stroke of genius, it became 1984 again at Hewlett-Packard. October brought on a new chorus for an old strategy: sell computers to companies, and leave the personal stuff to others. But one of the others selling personal computers and printers usually connected to PCs is a new generation of the company. The CEO of Hewlett-Packard is calling the split-off company HP Inc. But for purposes of mission and growth, you could call it HP Ink. Genius can be simply a powerful force for good or for ill. Definition 3 of the word in Apple's built-in dictionary on my desktop calls genius "a person regarded as exerting a powerful influence over another for good or evil: He sees Adams as the man's evil genius." It's from Latin meaning an attendant spirit present from one's birth, innate ability, or inclination.
The company to be called Hewlett-Packard will concentrate on a business lineup that harkens back to 1984 a year when the LaserJet joined the product line. CEO Meg Whitman said Hewlett-Packard, devoted to enterprise business, and HP Inc. can focus and be nimble. From a 3000 customer's perspective, that focus would have been useful 13 years ago, when the lust for growth demanded that HP buy Compaq and its PC business for $25 billion on the promise of becoming No. 1.
The San Bernadino County school district in California was working on moving its HP 3000s to deep archival mode, but the computers still have years of production work ahead. The latest deadline was to have all the COBOL HP 3000 applications rewritten by December 2015. That has now been extended to 2017
And with the departure date of those two HP 3000s now more than two years away, the school district steps into another decade beyond HP's original plans for the server line. It is the second decade of beyond-end-of-life service for their 3000.
In another market segment, 3M continues to use its HP 3000s in production. What began as the Minnesota Minining & Manufacturing Company is still using HP 3000s. And according to a departing MPE expert Mike Caplin, the multiple N-Class systems will be in service there "for at least several more years."
In both cases, the 3000 is outlasting the deep expertise of managers who kept it vital for their organizations. It's taking a :BYE before a :SHUTDOWN, this longer lifespan of MPE than experts.
Stromasys took its virtualization of enterprise server message to VMworld's annual conference, where the event was pointing at cloud-based Platform As A Service (PaaS) for the years to come. The CHARON virtualization engine that turns an Intel server into a 3000 operates on the bare metal of an Intel i5 processor or faster, working inside a Linux cradle. Plenty of customers who use CHARON host the software in a virtualized Linux environment -- one where VMware provides the hosting for Linux, which then carries CHARON and its power to transform Intel chips, bus and storage into PA-RISC boxes. VMware is commonplace among HP 3000 sites, so management is no extra work.
In Kansas and in Mountain View, Calif., government organizations stepped off 3000s to move onto replacement applications. At the District Court in Topeka, Kansas, the HP 3000 "has outlived its life expectancy, making it essential that we either move on to another system or we go back to paper and pen," according to a statement on the court's website. Converting data was to be the crucial part of the migration — and will be the crucible of every migration to come. Waiting for a migration to do data cleanup is foolish, according to ScreenJet's Alan Yeo. "Yes, sure you don't want to move crap in a migration," said the CEO. "But you probably should have been doing some housekeeping whilst you lived in the place. Blaming the house when you got it dirty doesn't really wash!"
Even before the end of 2014, plenty of IT shops have closed down changes for the calendar year. Many 2015 development budgets have been wrapped up, too. Among those HP 3000 operations which are still considering a strategy for transition, there's only one assured choice for most of who's left. They'll need to replace their application. Not many can rehost it.
There are still HP 3000 shops out there in manufacturing, even online retail, that are facing decisions about how to migrate off the platform. Plenty of shadow-bound 30000 systems are running aspects of major corporations. For many others, a verbal and white-board commitment to a migration is all that can be mustered for now. Tools out there today, as well as available expertise, take a migration from virtual to reality.
In the concept of virtualization, a server is replaced by another which pretends to be just like the original. There's no new HP 3000 in emulation, for example. Just the idea of one. The essence of the HP 3000, its PA-RISC architecture, is replaced using the Charon product: software that mimics the HP hardware. Virtualization engines use software to eliminate hardware.
Some MPE migrations which have been underway for years look like they may be using up virtual man-months, so the IT group is not forced have to adopt a new application. The plan and lengthy project time eliminates any need to go live with changes.
In a virtual migration, the organization knows its intention. Get onto another environment with mission-critical apps. But the work never gets completed, something like a "forthcoming" novel that's expected but unfinished. Virtualized migrating can very well be the reason any 3000 project still has something like a 2017 target date.
What are the key stories from your chapters of the 3000's 2014? Let us know in the comments below.
December 29, 2014
Moving Pictures of HP's Contribution Origins
HP's Origins video, filmed nearly a decade ago, includes this picture of employees celebrating the shipment of the 10,000th HP 3000, sometime in the 1980s.
You can't find it on the Hewlett-Packard website, but a 2005 movie called "Origins" is still online at a YouTube address. The 25-minute film chronicles what made HP such a groundbreaker in the computing industry, and it includes interviews with the company's founders. Bill and Dave didn't appear much on camera, being businessmen of a different era and engineering managers and inventors at heart.
The link here takes the viewer directly to the Contribution segment of the story. While it is history by now -- the company transformed itself to a consumer and commodity goods provider thanks to the me-too of CEOs Carly Fiorina and Mark Hurd -- the film represents ideals that anybody in the business can set for their own career or decisions. Joel Birnbaum, whose HP Labs leadership helped deliver RISC computing for the business marketplace for the first time in 3000, sings his praise for the love of making a product that could make a difference.
But that contribution era passed away once uniformity became the essential feature of enterprise computing. By the middle '90s, HP was busy selling the 3000 as another tool that could handle open systems (read: Unix) computing. In truth, Unix was no more open than any other environment, including Windows. But Unix had some similarities between versions that could be leveraged by large enough software developers. In the videotape at left, HP offered an interview from an unnamed SAP development executive. He said his application suite had been through a test port to MPE/iX, and he believed the software had 99.5 percent code compatibility from Unix to MPE.
That half percent might have presented a technical challenge, of course. It would be thousands of lines of code, considering SAP's footprint. The MPE version of the application never made it into the vendor's price list, however. One specific client may have used SAP on a 3000 via that test port, but it was never offered as a manufacturing solution by its creators. HP's enterprise execs very much wanted an SAP offering for the 3000. That creation would have been as me-too as any product could get. "You could run that on a 3000 instead of a 9000" would've been the HP account rep's message in 1992.
SAP's exec on the video admired the 3000 customer community for its understanding of enterprise applications. But a level of misunderstanding lay at the heart of the SAP organization, whose speaker in the video said the database for HP-UX and MPE was the same. IMAGE, of course, was nothing like Oracle or even Allbase, and the latter had only a thimble's worth of adoption in the 3000 community. IMAGE gave that community its understanding of what enterprise applications should do.Large manufacturers were using MPE and the 3000 in 1992 when the video was filmed, including General Mills. Making a contribution by exploiting innovations of the computer's environment — well, that's high on the list of essential features. MANMAN, MM II and other apps offered such a contribution from the beginning. At some customer sites, they still do.
The segment that wraps up the video includes a photo of HP employees posing in the shape of the numeral 10,000 to celebrate the sale of the 10,000th HP 3000. Guy Kawasaki, one of Apple's founding braintrust, asserts that HP's DNA was in its people, "and you couldn't kill it if you tried." Any 3000 customer who's migration is headed to HP systems will want that to be true, want it as much as HP wanted a me-too SAP for MPE two decades ago.
December 12, 2014
Essential Skills: Using Password Vaults
Editor's note: HP 3000 managers do many jobs, work that often extends outside the MPE realm. In Essential Skills, we cover the non-3000 skillset for these multi-talented MPE experts.
By Steve Hardwick, CISSP
Passwords are always a challenge for security professionals. Why is creating a secure password so difficult? More importantly, how can a user tell if their password has been stolen? Typically, when all the damage has been done and the password has been used by someone else. At this point in time it is too late. One way to resolve this is to have a password vault such as KeepPass or 1Password.
A vault is a good investment of your time. A security breach that might result from having no vault might be difficult to even detect. It might be that the time the breach is discovered may not be the first time the hacked credentials were used. This might be how many times a stolen credit card is used before the owner gets the bill. Second, the hacker could have hacked the password and is just keeping it for later use or sale. One of the preventative measures for this is to require users to periodically change passwords.
This changing strategy can stem the use of stolen passwords and also prevent the future use of any that have not yet been exploited. From a user's perspective, though, generating multiple passwords every 60-90 days just compounds the passwords nightmare.
As a security professional I have seen several solutions that users concoct to try and get around this issue. One common one is to write them all down and hide the resulting list. It turns out there are not that many good hiding places. Under keyboards, behind pictures, inside speakers, taped to the underside of a drawer or chair, back of a bookcase do not qualify as good locations. Also, many users forget to update the sheet with new passwords. Another approach is to create a text file, e.g. shopping_list.txt, and put everything in there. A quick search of the most frequently used files normally finds those. Plus if the hard drive crashes, and the file is not backed up, new ones have to be set up all over again.
A variation of the last theme is to use a password vault. This is a method where the password information is stored on a file, but the file is encrypted. In this case only one password is needed, to decrypt the vault, and access is granted to all of the other passwords. The most ubiquitous form of encryption is AES - Advance Encryption Standard. AES256 encryption is adequate for most users.
However, one word of caution. If the password used to encrypt the vault is easy to guess, then the contents are at risk.Another challenge is storing the password vault file on the computer hard drive -- it does not mitigate the risk of when the drive crashes. (They all crash eventually.) This can easily be overcome by storing the password vault on a cloud storage location. Since the vault file is encrypted, this significantly reduces the impact if it is stolen from the cloud drive. As long as the master password is strong.
Vaults can also help protect you from key-loggers, a program that runs in background and simply copies all of the keystrokes onto a hidden file. A new variation of the Citadel Trojan virus is specifically targeting password vault applications with a key-logger. A password vault solution has some protection against password loggers. The vault can be built on a different machine and placed in the cloud. Once opened from the cloud on the user's system, the password is cut and pasted into the login screen.
Finally, there is a problem that a key-logger will be targeted at the master vault password. This can be mitigated by using two-factor authentication. In addition to the password, the user is required to provide a digital certificate. This specialized encrypted file can be stored on a removable storage device, USB, and accessed at vault login time. Without the password and the digital certificate file, the person trying to access the vault is thwarted.
A quick search on the Internet for Password Vault or Password Manager will result in a lot of options. Here are some criteria to be considered when choosing a password vault applications.
1) Strong encryption - e.g. AES 256.
2) Can store the vault file in the cloud
3) Runs on multiple platforms. Allows users to get access on desktop or mobile devices
4) Protection elements against keyloggers
5) Allows 2 factor authentication
6) Password generator (Optional -- caution, these normally provides secure but hard to remember passwords)
7) Browser import capability (Optional -- provides a way to import store browser passwords)
8) Password strength indicator (Optional --give a measure of the ease to which the password can be guessed)
Using a password vault will solve a lot of security problems associated with today's Internet world. Taking the storage of passwords to a secure level results in a solution that is easy to use, secure, and readily available. Plus it gets around that common problem, “Honey, what is the password for the banking site again?”
December 11, 2014
Big, unreported computing in MPE's realm
When members gather from the 3000 community, they don't often surprise each other these days with news. The charm and challenge of the computer's status is its steady, static nature. We've written before about how no news is the usual news for a 40-year-old system.
But at a recent outing with 3000 friends I heard two pieces of information that qualify as news. The source of this story would rather not have his name used, but he told me, "This year we actually sold new software to 3000 sites." Any sort of sale would be notable. This one was in excess of $10,000. "They just told us they needed it," my source reported, "and we didn't need to know anything else." A support contract came along with the sale, of course.
The other news item seemed to prove we don't know everything about the potential of MPE and the attraction of the 3000 system. A company was reaching out for an estimate on making a transition to the Charon emulator. They decided not to go forward when they figured it would require $1 million in Intel-based hardware to match the performance of their HP 3000.
"How's that even possible?" I asked. This is Intel-caliber gear being speficied, and even a pricey 3000 configuration shouldn't cost more than a quarter-million dollars to replace. It didn't add up.
"Well, you know they need multiple cores to replace a 3000 CPU," my source explained. Sure, we know that. "And they had a 16-way HP 3000 they were trying to move out."
Somewhere out there in the world there's an HP 3000, installed by Hewlett-Packard, that supports 16 CPUs. Still running an application suite. The value is attractive enough that it's performing at a level twice as powerful as anything HP would admit to, even privately.
A 4-way N-Class was as big as HP would ever quote. Four 500-MHz or 750-MHz PA-8700 CPUs, with 2.25 MB on-chip cache per CPU, topped the official lineup.
Unix got higher horsepower out of the same HP servers. An 8-way version of the same N-Class box was supported on HP-UX; HP would admit such a thing was possible in the labs, and not supported in the field. But a 16-way? HP won't admit it exists today, and the customer wouldn't want to talk about it either. Sometimes things go unreported because they're too big to admit. It made me wonder how much business HP might've sustained if they'd allowed MPE to run as fast and as far as HP-UX ran, when both of those environments were hosted on the same iron.
November 20, 2014
TBT: When Joy of Tech Was Necessary
The cover above of the SuperGroup Association magazine from January, 1985 came to mind here on ThrowBack Thursday. Fred White passed away this week, and it's been a delightful trek down the lane of memories to recall his gusto about the art of technology.
The cover above shows some of that gusto which is not easy to describe. SuperGroup understood the MPE and IMAGE technology of the '80s as well or better than any magazine of the day. But that 3000 publication edited by D. David Brown had a sense of humor and whimsy about it no other publication has been able to eclipse. (Even on my best day as HP Chronicle editor I was only cooking up editorial cartoons about PA-RISC that somebody else would illustrate, and there have been those Ken-Do strips from the NewsWire. But nothing as savvy as what was staged above.)
The players in the little romp were, from left, White, Adager's Alfredo Rego, and Robelle's Bob Green. The photo was a teaser into a great technical paper about a perceived need to acknowledge that databases needed "uncomfortable Procrustean designs... [using] methodologies associated wth normalizing and relating."
Like the paper that Eugene Volokh wrote in the following year, the technical report put relational databases in their place -- capable of permitting multiple views of data, but with a steep performance price to pay compared to IMAGE/3000. The article was on the vanguard of unmasking the shortcomings of relational databases of that era, as I read it. Also clever and playful, two words not often associated with technical writing. The paper was authored by more than the three in the picture; Allegro's Stan Sieler and Steve Cooper got credits, as did Leslie Keffer de Rego for editing.Two of the actors in that photo represented a database that had to be filled out for length, and one that needed to be chopped short. Procrustes would kill travelers by placing them in "beds of various sizes, and when he lighted on a traveler who was tall, he consigned him to one of his short beds, lopping off so much of him as exceeded the length of the stead; but if his guest were short, a long bed was provided him, and his limbs, by help of a machine, were stretched out to its length."
This kind of super-wizard comedy was essential to the period when White was spreading his wings. He was a consultant to Adager at the time and sometimes graced the speaker lists on that day's then-crowded user group meeting calendar. At one show in Southern California, held in the halls of the converted Queen Mary, I watched White expound on the exactitude of writing files to tape, an amazing talk that ran more than a quarter-hour over its 90 minutes allotted. White had more to say, too, even as the organizers had to turn over the room.
The 1980s of the HP 3000 were a time when the Joy of Tech was necessary to overcome the growing pains of the 3000's success. Users were outstripping the processing power of the CISC-based systems, and the competing databases of the era needed serious integration skills to maintain their value to their owners. That integration had been wired into the 3000 by the IMAGE work of White and others. Experts like him, Rego, and Green not only wielded the know-how, they made complex topics entertaining. In SuperGroup they found a wry editorial staff which knew how to showcase gusto.
November 19, 2014
Fred White, 1924-2014
Courtesy of his long-time collaborator and partner Alfredo Rego, this picture of Fred White was taken in 2004, when Fred was 80 and several years into retirement. The legendary co-creator of IMAGE and the SPL expert in Adager's Labs, White was a Marine Corps veteran. Rego said while offering this portrait, "I took this photo with my Olympus E-1 on October 26, 2004 (just a bit over 10 years ago!) in Cedar City, Utah, where he and Judy lived for a while. Fred invited Judy and me to lunch, and I snapped this image across the table. I loved everything there: The warm light, the delicious food, the stimulating conversation, the young college students rushing about..."
The creator of the heartbeat of the HP 3000, Fred White, passed away on November 18, 2014 at the age of 90. White died peacefully in the presence of his wife Judy and family members, of natural causes. He had relocated to Arizona after retiring from Adager in the year after Y2K. His work in building the essential database for MPE, alongside Jon Bale, was the keystone of the 3000 experience. Rego took note of a key identifier inside the IMAGE internals, one that signified a database was sound and accurate. The flag was FW, or as Rego said in a short tribute to his partner, "%043127, the octal representation of “FW” — the flag for a normal IMAGE/3000 database (and TurboIMAGE, and IMAGE/SQL)."
White's work for the 3000 community came in two stages. The first was his innovations while working for HP, building a network database which won awards until HP stopped selling IMAGE and included it with the HP 3000. (Bundled software would not be considered for prizes like the Datamation award bestowed on IMAGE in 1976.) IMAGE, integrated at a foolproof level with the MPE intrinsics and filesystem, delivered a ready field for a small army of developers to plant applications and tools. Without White's work, the 3000 would have been just a footnote in HP's attempts to enter the computer business.
The second stage of White's gifts to the community began when HP had infuriated him for the last time. Never a fan of large organizations, he left Hewlett-Packard when it became clear the vendor had no interest in enhancing IMAGE. But before he departed HP, White met with Rego when the latter was visiting HP in an effort to learn more about IMAGE from the vendor, in preparation for a forthcoming database manager he'd create. As the legend is told, White decided he'd try to help Rego just to ensure that the creation to be called Adager could emerge a little easier.
"He hoped we would answer his questions," White said in a post-retirement interview. His partner Jon Bale "said that kind of help would be contrary to HP company policy. I said to him, 'Jon, this guy’s going to get this done whether we help him or not. All we’re doing is helping a fellow human. Whatever it takes, Alfredo’s going to do it anyway.' "
"At that point, Jon said it was up to me, but he couldn’t do it because it wasn’t HP company policy. He wished Alfredo the best of luck and left. So I answered his questions, and even told him things he couldn’t possibly have thought of, such as privileged mode intrinsic calling and negative DBOPEN modes, things peculiar to the software rather than the database. We chatted for an hour and a half or so."
The exchange in 1977 pointed toward the door to the Adager segment of White's career. The years between 1980 and 2001 allowed Fred to make up for his reticence inside corporations by becoming the conscience of accuracy and fairness. Innovations for IMAGE finally arrived in the middle 1990s. But White's most saucy moment of advocacy came in Boston when HP was trying to make IMAGE a separate product once again.The battle raged in a conference hall on the scene of the Interex user group meeting in 1990. Unbundling was an HP strategy designed to make it easier to buy an Oracle database for the 3000, reducing the price of the hardware modestly while making room for an add-on product. HP's database would be on a footing with all other offerings, but White and others knew that a 3000 without IMAGE was not the product the community trusted with its loyalties.
It was an era when users offered advocacy in a tone of angst. This sometimes was not the exchange that HP desired to air in public. But it was good for the capability of the system. HP had to watch the international computer press listen to a rumbling roar of revolution from 3000 users. A meeting of the IMAGE Special Interest Group came to be known as your community's Boston Tea Party. Rego recalled the moment of highest revolt.
Fred White (co-author of IMAGE and at the time Senior Scientist at Adager Labs) addressed Bill Murphy (HP’s Director of Marketing) from the floor and complimented Bill on his tie. Fred then explained how stupid it was for HP to unbundle IMAGE. Fred continued by describing the negative effects in products that depended on having IMAGE on the HP 3000. Fred also provided some historic background by relating how Ed McCracken (a previous 3000 General Manager) had made a success of the HP 3000 by bundling IMAGE in the mid '70s. Fred was firm but courteous. No tomatoes (err, tea bags) were thrown. Perhaps the whole “Boston Tea Party” legend started because Fred used the word “stupid” in public, applying it to HP’s management, with no apologies.
The crucial work needed to support a dizzy array of date types was near the apex of White's work at Adager, details scrutinized and attended to during the advent of Y2K. After his retirement, White remained visible in both online communities and at gatherings of the 3000 community's most formidable minds.
His computer career crossed five decades, starting in 1957 when programmer degrees didn’t exist and math experts did the heavy lifting to create file systems, operating environments and applications. In the beginning of his work for HP, he was creating the first file system for the 3000. He was then transferred to another project that grew into the creation of IMAGE.
He came to his HP work from 12 years of positions at Sylvania Electronic Defense Lab, United Technology Center and IBM. White had prepared for his more than 43 years of programming by work and study in forestry, engineering, Japanese, criminology and math. He joined Sylvania two months before Sputnik was launched by the Russians. By 1969 he’d responded to HP’s entreaties and followed some UTC colleagues to HP Cupertino, where he headed up the File System Project for the Omega System, which evolved to MPE.
Never a fan of large organizations, White eventually left HP in 1981 after he had been moved away from IMAGE and onto other projects. He first met Rego when the latter traveled to HP Cupertino to meet the IMAGE creators and learn more about IMAGE and its data structures. White took a post which Rego offered as a consultant to Adager in 1981, and became a senior research engineer for that company in 1989.
During the 1980s and 1990s, the tall, silver-haired programmer cut a notable swath through the HP 3000 community, especially at the annual Interex user group meetings. Always ready to level with HP’s management about what the HP 3000 needed, White’s comments and criticisms in those meetings represented the same unflinching focus required for his SPL programming on the 3000’s internals.
White always wanted to stay busy at his work. In 1946 he worked on Okinawa as a Japanese interpreter for a construction company and applied for a decrease in pay when he thought the company hadn’t given him enough to do. His 19-plus years with Adager made up the biggest single stay in a career in which he said “I quit a lot of jobs. That’s what I’m prone to do when management screws up.”
In his retirement White was active with family members, traveling, hiking and bird watching. The subject of the watches was mostly raptors, he added. "We like our place in Clarkdale (desert plants and critters) with great views of Mingus Mountain and the red rock area of Sedona," he said in 2003. "I like keeping in touch with many of my old friends and enemies on the Internet and mailing lists."
When we asked him about the single biggest mistake HP made with the HP 3000, White was ready with
"at least five I can think of. 1. Not having the development teams being the support teams. 2. Getting in bed with Oracle. 3. Not being aware that there are no relational databases, just relational access to databases. 4. Following the Unix pied piper. 5. Not marketing the HP 3000. For example, they never bothered to tell the world that the computers they used at corporate headquarters were HP 3000s."
As to what kept him so productive for so long, he mentioned his single-language focus on SPL, as well as still being interested in his work. But he also said, "Having a boss who was more interested in quality than quantity." The community poured out good wishes to a special email address, email@example.com, in his final days. One developer who heard of his passing said, "Let's hope that when Fred gets upstairs, his entry permit to Heaven is stamped 'Automatic, Master'."
October 29, 2014
Security experts try to rein in POODLE
Sometimes names can be disarming ways of identifying high-risk exploits. That's the case with POODLE, a new SSL-based security threat that comes after the IT community's efforts to contain Heartbleed, and then the Shellshock vulnerability of the bash shell program. HP 3000s are capable of deploying SSL security protocols in Web services. Few do, in the field; most companies assign this kind of service to a Linux server, or sometimes to Windows.
The acronym stands for Padding Oracle on Downgraded Legacy Encryption. This oracle has nothing to do with the database giant. A Wikipedia article reports that such an attack "is performed on the padding of a cryptographic message. The plain text message often has to be padded (expanded) to be compatible with the underlying cryptographic primitive. Leakage of information about the padding may occur mainly during decryption of the ciphertext."
The attack can also be performed on HP's Next Generation Firewall (NGFW), a security appliance that is in place protecting thousands of networks around the world. Other firewalls are at risk. Just this week HP released a security patch to help the NGFW appliances withstand the attack. External firewalls are a typical element in modern web service architectures.
A POODLE attack takes a bite out of SSL protections by fooling a server into falling back to an older SSLv3 protocol. HP reported that its Local Security Manager (LSM) software on the NGFW is at risk. But a software update is available at the HP TippingPoint website, the home of the TippingPoint software that HP acquired when it bought 3Com in 2010. TippingPoint rolled out the first HP NGFW firewalls last year.The TippingPoint experts seem to understand that older protocols -- a bit like the older network apps installed in servers like the 3000 -- are going to be indelibile.
The most effective mitigation is to completely disable the SSLv3 protocol. If this is not possible because of business requirements, alternately the TLS_FALLBACK_SCSV flag can be enabled so that attackers can no longer force the downgrade of protocols to SSLv3.
What's at risk in your data pool? HP says it likely to be sensitive, short strings of data such as session IDs and cookie values, "which can then be used to hijack the users' sessions, etc."
Et cetera indeed. The added challenge which enterprise managers assume once they move into open networks are the POODLEs, shocks to a shell and the bleeding hearts of newer operating environments. The security expertise to meet these challenges is a well-spent investment -- whether it's through a 3000-savvy services provider, or the vendor of the migration target system that's just replaced a 3000.
Basic information on these threats is always provided for free. Implementation savvy can be a valuable extra expense. For example, HP adds this nuance about disabling protocols.
An important note: both the client and server must be updated to support that TLS_FALLBACK_SCSV flag. If both allow for SSLv3 and one of them has not been updated to support the flag, the attack will remain possible.
October 24, 2014
Legacy Management: More than Rehosting
Speedware became Freshe Legacy several years ago, and in 2012 the company's business crossed the watershed from Hewlett-Packard sites to those running IBM's AS/400 servers. The latter is now called IBM i, and in one interview Fresche CEO Andy Kulakowski said the company's customers are now 85 percent IBM users.
The world of IBM i is still populated with product releases, vendor support, and the challenges of keeping a legacy line of computing looking current. Last month Fresche purchased the assets, intellectual property and customer base of looksoftware (yes, all lowercase and all one word.) Next week the newest tool in the Fresche belt goes on display in one of the oldest of enterprise venues: a $949 user conference, COMMON.
COMMON has served IBM users since before there was an Interex. The first meetings of the group surrounded the IBM Series 1800, a data acquisition and control system which was similar to the 3000 in that it used a Multi Programming Executive (MPX) operating system. COMMON meetings began in the 1960s, and the 1800 was used in product for more than 50 years. Even though COMMON attendance has dropped and the gatherings have gotten shorter, the group still assembles the experts and the faithful once a year for a classic expo and education event. This year's is in Indianapolis, following the model that Interex used for HP 3000 customers: a moveable feast taking place in cities both great and, well, common. One forgettable year the Interex show was held in Detroit. In the Midwest, however, a great number of manufacturers and distributors have always used business systems like the 3000 and the i.
Drill into the looksoftware website and you'll find mention of the HP 3000 in the Modernization Solutions section. Along with methodologies such as cloud enablement, database modernization and automated code conversion, MPE/iX customers can find a relevant line, "Re-hosting (HP e3000)." COMMON attendees could very easily hear about rehosting at the conference. After decades of serving just the AS/400 family, it's now an expo that embraces Unix and Linux computing from IBM, too.There are other methods to revitalize an HP 3000, but moving those business applications onto a new host is the classic strategy. Business Rules Extraction, Consolidation and Export is also among the solutions listed in the looksoftware services stable. Taking a customer's business rules along during any transition is a must. A "lift and shift" is what Fresche called the move onto non-3000 hardware back when the firm was called Speedware.
There's not much of that kind of business left in the 3000 customer base by now -- certainly not compared to the number of modernization opportunities for the AS/400 crowd. IBM has a strategy book that's released every year for IT planners called the Redbook. The latest edition, the largest ever in the history of the publication, is Modernizing IBM i Applications from the Database up to the User Interface and Everything in Between. Over at the IT Jungle website, the editors are calling the current Fresche strategy of acquistions "a page right out of the Redbook." The book's 687 pages are summed up thusly by the website.
It refers to modernization as "a sequence of actions" and "a process of rethinking how to approach the creation and maintenance of applications." Much of the focus is on application structure, user interface, data access, and the database. There's a lot of out with the old and in with the new here.
Adding new companies isn't new to the Speedware/Fresche history. The company acquired Neartek for the latter's AMXW software, for example, once the migrations were in full play in the 3000 market. Databorough is a similar acquisition, a database software firm whose products are useful tools in the mission Fresche calls legacy modernization. User interfaces get a rejuvenation, data access and pathways to more current data resources, and usually newer hardware arrives. Not hardware from a vendor other than IBM, however. For that kind of modernization, you have to look to the HP 3000 community. Yes, Fresche Legacy will rehost your MPE/iX apps, using a different methodology than any virtualization supplier. The new technology goes beyond hardware and IO and chip-level environments. It includes a new operating system, databases, and surround code.
One of the other significant throwbacks in legacy enterprise arenas are languages. MPE's got COBOL, and the IBM i has RPG. The RPG langauge was once so central to IBM enterprise computing that HP built an RPG compiler to run on the 3000. Its goal was to steal away Series 38 IBM shops. Next week at COMMON, Kulakowski will be spreading the message that in the IBM world, "There are lots of tools and services that support the move from RPG to more modern environments."
Kulakowski sees the age of the engineer and developer as a factor in modernization. Quoted in IT Jungle, he said
Generations X and Y are coming. They are very big part of population and will be far more demanding than we were. I think it would be a losing battle to try to convince them to use RPG as a development platform. It's up to us to set the table for the generation to come. We have the tools and technology to do that. That's the revolution I would fight for.
Fighting for refreshed MPE/iX hardware is a campaign for the non-migrating 3000 customer -- managers and owners with no conferences left to attend, and nothing like a 678-page Redbook playbook to follow. There's only one virtualization vendor for PA-RISC hardware, so at least the vetting of the suppliers won't take as long. There's not much choice, and that can have its downsides. But it might be a good thing to have no reason to visit Detroit or Indianapolis this fall, just to keep an IT operation modernized. Late-generation hardware is about as modernized as an MPE homesteader will be able to get.
Of course swapping out hosting hardware, by using a Linux cradle for MPE/iX, is a different level of churn than turning out the operating environment. For that sort of change, a trip to a city to ask questions face to face might well be a good business process.
October 21, 2014
Macworlds expire. Apple soars. Not linked.
You can file this report under Types of End of Life. The HP 3000 had an alleged end of life. HP announced it about 13 years ago, but that was the vendor's report about its 3000 activities. There can be a demise in classic support structures for a system once it wanes. But those structures, like information and community events, might be wobbly all by themselves. Things do change.
Everything called Macworld has now gone away. There was a print magazine, roaring through the '80s, the '90s, and even until about 10 years ago. Printed publications about computer lines, focused on one vendor, built this industry. IDG owned Macworld, owns PC World, owns Computerworld. Only the last publication still prints news on paper and sends magazines into the mail. Things change. There's this invention called the Internet.
In another post I pointed to the HP publications no longer in print. All of them, except for the Newswire. HP Professional, InterACT, HP Omni. Long ago, SuperGroup, and HP User. Interex Press, HP World. Every one of them exited. The departure for some was the trigger of that HP end of life announcement. Others rolled over when something bigger died: their parent company, or interest in Hewlett-Packard's products. One of the last executive directors of the Interex user group asked a big question: "How do you make a vendor-specific user group relevant in a cross-platform world?" said Chuck Piercey.
Another way to go out of the show business: tell your partners nothing about the departure, and market as if it's all going fine. This, from a web page less than four weeks before the final, canceled HP World conference -- a page still online on the day before the user group's demise.
IDG's expo division has asked the same stay-relevant question about the 30-year-old Macworld conference. And answered it. The expo is now on hiatus, and unlikely to emerge again. Macworld Expo added a sister expo called iWorld to embrace the rocketing mobile products from Apple. More than one third of Macworld/iWorld exhibitors bought booth spots in a bullpen called the Appalooza. More important, though, was the exodus of tens of thousands of square feet of show space, once purchased by the industry's giants. Adobe. HP. Canon. Microsoft. Little vendors in little booths were not enough to counter big changes in our industry's communication.
Apple reported a record profit yesterday, and its stock is trading at $716 a share (corrected for the 7:1 split of the springtime). Apple announced an end of life of its user show exhibitions four years ago. Macworld Expo never was the same. The vendor got healthier and bigger, so why did the magazine and show founder? Things change. Customers, always the prize for a conference or a magazine, found better ways to learn about owning products. And what to purchase.Purchasing is not a big part of the HP 3000 experience anymore. Not like it was when there were seven Hewlett-Packard-focused publications, or even where there were just four left in the world. Purchases for HP 3000s involve replacement systems, virtualized alternatives, support, and migration services. Some software makes its way into the commerce chain. But a replacement package for another system is most likely to be a line item on a budget. Training will be on the new platform, in nearly every encounter.
HP's fortunes have been rocky over the last four years, ever since the company cut loose its majordomo Mark Hurd. That decline hasn't affected trade shows for the vendor -- it runs the only genuine meeting it calls HP Discover. The days and nights of Discover are likely to continue for many years. HP sells at that conference and trains customers and its staff. Education isn't the point of a trade show visit anymore. Seeing products and asking questions about them -- that's done over the Web.
The printed publication, the trade conference: these are artifacts of a world where you needed paper and pacing an expo floor to learn the most important things about a computer you love. I attended seven of the last Macworld Expos, including a couple of memorable Steve Jobs speeches about embracing Intel chips, and yes, the iPhone debut. Special mornings, those were, seeing Intel's CEO emerge in a clean room suit onstage. Or watching the faithful crowd seven-deep around the initial iPhone, rotating in a Gorilla Glass case. As it happens, that iPhone debut was a watershed. More than half of Apple's business now comes from mobile products.
The last six mobile rollouts have been press-only by invitation -- and a short list at that. The events were webcast live, with video and audio ever-better on each rollout day. PR has shifted from in-person, or by-phone, to texts and emails and webinars and live demos. You don't need to be someplace to learn a certain amount about a computer. That certain amount is enough for most customers and partners. Enthusiasts want more. In the Apple world, they'll have to go to their laptop screens or iPhones to get it.
In truth, they're already there. In the HP world, the customers are reading webpages and watching webinars. One of those two vendors, Apple, has its afterburners on full throttle. Hewlett-Packard separated from the 3000's orbit four years ago. HP Enterprise customers will see a new world of a company next year after the vendor's split, but there won't be an HP World again. Not in print, not in an expo hall. Those are legacy means of communication and exchange. The expos hosted community, but newer generations of customers find community on mobile screens. Everything changes, and everything ends.
Here's to you, partner-based expos. You were wondrous fun and a rocket-sled ride while you lasted. The depth of any vendor's ride into the customer's heart will be determined by vessels on other trajectories.
October 17, 2014
Tracking MPE/iX Vulnerability to Shellshock
Security experts have said that the Shellshock bug in the bash shell program is serious. So much so that they're comparing it to the Heartbleed breach of earlier this year. Many are saying Shellshock is even more of a threat.
Once again, this has some impact on HP 3000s, just like Heartbleed did. But you'll need to be managing a 3000 that's exposed to the Internet to see some risks to address as part of system administration. Web servers, domain name servers, and other net-ready services provide the opportunity for this malware. There's not a lot of that running in the customer base today, but the software is still sitting on the 3000 systems, programs that could enable it.
Authorities fear a deluge of attacks could emerge. The US government has rated the security flaw 10 out of 10 for severity.
Bash is open source software, and our expert on that subject Brian Edminster is working on a specific report about the vulnerabilities. Hewlett-Packard posted a security bulletin that points to a safer version of the bash shell utility. But that version won't help HP 3000s.
It's not that HP doesn't know about the 3000 any longer. The patching menu above shows that MPE is still in the security lexicon at Hewlett-Packard. But Edminster thinks the only way to make bash safe again on MPE might be to port it a-fresh. "The 3000's bash is version 2.04, but the version that's considered 'current' is 4.x (depending on what target system you're on)," he said. "So if v2.04 is broken, the code-diffs being generated to fix the issues [by HP] in late-model bash software won't be of much (if any) use."One report in a UK newspaper suggested that "if online retailers use older, mainframe-style computing systems, they are likely to be vulnerable." That sounds like one way to describe the Ecometry sites still selling online with MPE versions of that software. Many of those customers do not have the 3000 directly exposed to the Internet, though.
The bug allows hackers to send commands to a computer without having admin status, letting them plant malicious software within systems.
HP has released a software update to resolve the vulnerability in HP Next Generation Firewall (NGFW) running Bash Shell. Version NGFW v188.8.131.5253 will fix the breach in that that product. But NGFW doesn't run on MPE/iX.
Edminster forwards this advice while he's working on his report.
It's most likely to be an issue for web services that use bash scripts to process web-page input for example, such as machines exposed to the Internet, and those that have services that can accept input from the 'net. I'll work to round up as many examples of potential places this can be felt on a 3000, so that folks know where to look.
Yep — this one is messy, because it's not quite so cut-and-dried as HeartBleed was.
October 15, 2014
Signed malware stalks HP's Windows boxes
HP will be revoking a security certificate for its Windows-based systems on Oct. 21, and the vendor isn't sure yet how that will impact system reliability.
The bundled software on older HP PC systems has been at risk of being the front-man for malware, according to a report in the Kerbs on Security website. This code-signing is supposed to give computer users and network admins confidence about a program's security and integrity. HP's Global Chief Security Officer Brett Wahlin said the company is revoking a certificate it's been using even before 2010.
HP was recently alerted by Symantec about a curious, four-year-old trojan horse program that appeared to have been signed with one of HP’s private certificates and found on a server outside of HP’s network. Further investigation traced the problem back to a malware infection on an HP developer’s computer.
HP investigators believe the trojan on the developer’s PC renamed itself to mimic one of the file names the company typically uses in its software testing, and that the malicious file was inadvertently included in a software package that was later signed with the company’s digital certificate. The company believes the malware got off of HP’s internal network because it contained a mechanism designed to transfer a copy of the file back to its point of origin.
The means of infection here is the junkware shipped with all PCs, including HP's, according to HP 3000 consultant and open source expert Brian Edminster. In this case, the revoked certificate will cause support issues for administrators. The certificate was used to sign a huge swath of HP software, including crucial hardware and software drivers and components that are critical to Windows.
"This is one of the reasons that I absolutely loath all the 'junkware' that is commonly delivered along with new PCs," Edminster said. "I end up spending hours removing it all before I use a new PC." Recovery partitions on Windows systems will be at unknown risk after the certificate is pulled Oct. 21, too.HP's Windows computers have recovery partitions on the boot hard drive that can restore a system to its original, factory-shipped software configuration. That configuration includes the junkware.
"For me, this junkware is just chaff," Edminster said, "and an opportunity to clog up a machine that's supposed to be pristine and new. To say nothing of increased opportunities for the sort of thing outlined in the Kerbs article."
HP's Security officer Wahlin said that admins will have to wait to see the impact of that revoked certificate, according to the article.
The interesting thing that pops up here — and even Microsoft doesn’t know the answer to this — is what happens to systems with the restore partition, if they need to be restored. Our PC group is working through trying to create solutions to help customers if that actually becomes a real-world scenario, but in the end that’s something we can’t test in a lab environment until that certificate is officially revoked by Verisign on October 21.
October 06, 2014
HP to break itself, dividing into 2 companies
Hewlett-Packard announced this morning that it will divide itself into two publicly-traded corporations, a move that shareholders and stock analysts have been demanding and predicting for years. The division of the company will be along product lines. The business server operations will be contained in the new Hewlett-Packard Enterprise, while PC and printer businesses will comprise the new HP, Inc.
The vendor said in a press release that the restructuring will "define the next generation of technology infrastructure." The reorganization will also spin out the least profitable, but largest, segment of HP's business into its own unit. HP still ranks in the top five among PC makers and is one of the largest makers of printers in the world.
Meg Whitman will be CEO and president of the Hewlett-Packard Enterprise company. Pat Russo will chair a new Hewlett-Packard Enterprise board of directors. Last month Hewlett-Packard -- the full corporation founded by Bill Hewlett and Dave Packard in 1939 -- had named Whitman as chairman of the board and CEO. By breaking up the company, Whitman will cede some control of its most competitive and popular product segments.
Dion Weisler will be the head of the new HP, Inc. as CEO and president. Whitman will chair the HP Inc. board of directors. HP said it will still meet its profit forecasts for the fiscal year that ends on Oct. 31. It also said that it "issues a fiscal 2015 non-GAAP diluted Earnings Per Share outlook of $3.83-$4.03." That is the sweetest way of forecasting a profit, using non-Generally Accepted Accounting Practices. But it's not clear if that's HP Inc. profits, or profits for Hewlett-Packard Enterprise. And the vendor said it would take all of fiscal 2015 to complete the transaction.
“The decision to separate into two market-leading companies underscores our commitment to the turnaround plan," said Whitman, who's led HP through three years of a five-year turnaround plan. "It will provide each new company with the independence, focus, financial resources, and flexibility they need to adapt quickly to market and customer dynamics, while generating long-term value for shareholders.
"In short, by transitioning now from one HP to two new companies, created out of our successful turnaround efforts, we will be in an even better position to compete in the market, support our customers and partners, and deliver maximum value to our shareholders."Much of the rest of HP's release deals with the visions and mechanics of dividing a $128 billion company into a classic and post-modern product manufacturer. Except that nothing is classic about the Hewlett-Packard Enterprise company, with the exception of its three proprietary operating systems: HP-UX, OpenVMS, and NonStop. The company has announced that HP-UX will be extending some of its enterprise-grade features to a version of RedHat. OpenVMS will be curtailed to only the newest generation of servers for the latest version of the OS. And NonStop, the most specialized of the three operating systems, is getting a full port to the x86/Xeon architecture -- an escape hatch from the Itanium chips that power Integrity servers.
But HP is retaining the Financial Services unit inside the Hewlett-Packard Enterprise corporation. It's a move the company noted will give financial advantages to customers and partners.
Hewlett-Packard Enterprise will have a unique portfolio and strong multi-year innovation roadmap across technology infrastructure, software and services to allow customers to take full advantage of the opportunities presented by cloud, big data, security and mobility in the New Style of IT. By leveraging its HP Financial Services capability, the company will be well positioned to create unique technology deployment models for customers and partners based on their specific business needs.
Additionally, the company intends for HP Financial Services to continue to provide financing and business model innovation for customers and partners of HP Inc. Customers will have the same unmatched choice of how to deploy and consume technology, and with a simpler, more nimble partner. The separation will provide additional resources, and a reduction of debt at the operating company level, to support investments across key areas of the portfolio. The separation will also allow for greater flexibility in completing the turnaround of Enterprise Services and strengthening the company's go-to-market capabilities.
"Over the past three years, we have reignited our innovation engine with breakthrough offerings for the enterprise like Apollo, Gen 9 and Moonshot servers, our 3PAR storage platform, our HP OneView management platform, our HP Helion Cloud and a host of software and services offerings in security, analytics and application transformation," continued Whitman. "Hewlett-Packard Enterprise will accelerate innovation across key next-generation areas of the portfolio."
R&D innovation has been a troubled business operation for Hewlett-Packard since the early years of this century, until Whitman announced a shift in the vendor's priorities in 2012. She named Martin Fink, the former leader of the embattled Business Critical Systems unit where those operating systems are built, to lead HP Labs. Within a year, the Labs were creating The Machine, a way forward into a new architecture for computing -- but one that could demand up to 75 percent of the Labs' resources.
It's not yet clear where HP Labs will go in the reorganization, but the Enterprise unit seems to make the most sense. Labs also contributes to product releases in the printer and PC lineups. HP mentioned the forthcoming 3D printer lineup in the breakup announcement.
HP was to have a meeting with financial analysts in just two days, but "as a result of this separation, its Oct. 8 2014 Securities Analysts Meeting has been postponed." A conference call took place at 5AM today, and is available for replay at the HP Investor Relations website.
Whitman said only a year ago that a single HP was the right approach. She said the same strategy is still the right approach, but added that breaking up the company will accelerate growth. "We now operate from a position of strength," she said, citing a strong balance sheet and returns to shareholders. The stock was nearing $40 a share in recent months, a profound rebound from prices in the teens at the lowest point of the turnaround.
After the split up, shareholders of the HPQ security will hold shares in both companies, CFO Cathie Lesjak said in the confence call. It's a move that will prompt instant investment in the new HP Inc.
October 01, 2014
Steady pace means un-news isn't no news
By Ron Seybold
What does it say about the HP 3000 when the steadiest story about the 3000 doesn’t involve an HP 3000? You can’t wear one, like an Apple Watch, or buy a brand-new HP 3000. Your server’s operating system is unchanged after more than four years, unless you’re buying a custom-crafted patch. The mission for this general purpose machine hasn’t changed, either.
It might be that the most constant news about the HP 3000 of 2014 is there’s no fresh news. So what’s an editor to do when his blog and publication includes the word Newswire? To conjure content, I reach back, and I look ahead. What is ahead of us doesn’t involve much HP iron, and certainly nothing new wearing a Hewlett-Packard 3000 badge on its chest. I only have to reach back to see a story where wearing something to compute wasn’t a novel concept. Not according to my files here in the office.
I work a lot out of the files these days.
This rambling is a way of describing my frustration and then a calm acceptance about the limited rate of change. I came into the journalism business with the knowledge that new was best. My first newspapering job came in a small Texas town with a competing paper just down the block. You’d wonder why a county seat of 3,500 would ever need two newspapers. It was 1982, a year when plenty of towns had two papers. Journalism has changed. Now there’s an infographic out there with the Then and Now of information. A reporter is now considered a blogger, and press conferences are now Twitter chats.
I came to tech journalism and got scooped within three weeks. Scoop, for any who’ve forgotten, is when a competitor learns and prints something before you can. One year at an Interex conference, we scooped all day at our booth. Ice cream, supplied by the hotel’s catering department. The word was synonymous with elite information.
There are press releases today, but they’re called content. Some still fill my inbox, but they come from non-3000 markets. The investment of an envelope and stamp is gone, just like an investment in HP-branded iron has been replaced by an offsite, up in the cloud server. Not free, but oh so less costly.I get frustrated when there’s nothing new on each and every blog posting day. Then I take a breath and settle into some calm acceptance -- because like you, I work in a world where a computer’s legacy, and its archival opportunity, is always online. The news here sometimes has to be, well, as NBC TV once said, “New to You.” HP used to tell us, while it provided updates for 3000 customers, “this is new news.”
Even the vendor knew there was more than one kind of news. And HP was where the new models were being crafted.
So here, crossing into the 20th year of the 3000 Newswire, we now print once a quarter. We issue a story or message about 22 times per month, but the news that is new appears on the same ratio as our new print edition to old print issue: one story out of four. There’s the one, of course, but these days it’s as likely to be about a virtual 3000 or a cloud opportunity as anything directly related to MPE software or applications.
What’s a reporter to do? I made my transition to blogger more than nine years ago, wearing a reporter’s fedora at the same time. (Fedora: a short-brimmed hat with a Press card tucked into its brim. For further reference see the 1931 movie, The Front Page.)
But as this 20th fall season arrived in the NewsWire’s office, that fedora is as much a legacy as MPE’s endearing and enduring achievements. I have a short-brim hat I haven’t worn since the '90s. When fall teased us in Austin this month, I opened the windows here and started to clean out the office, tossing things into the Big Recycle Box. Coming from Depression Era hoarders, as I said in a ThrowBack Thursday article, I have way too much stuff in this office that oughta be in the recycle bin.
September 26, 2014
Making History By Staying Together
What price and what value can we put on borders? While we put the latest 3000 Newswire print issue to bed last week, the United Kingdom’s region of Scotland was voting for its independence from Great Britain. One of our favorite 3000 resources and supporters, Alan Yeo, didn't know if he’d wake up at the end of last week using UK or GB as the acronym to define his country. If Scotland were to go, the Kingdom would no longer be United.
Cooler heads prevailed, and the No vote to block the push to secede squashed the Yes by a large margin. The country made history with the largest voter turnout every recorded. There's some good come of the competition, anyway.
The independence balloting called to mind what the Web has done with borders: erased them all, virtually. Some of the more draconian countries have fences up to keep their citizens’ thoughts and beliefs in, but even China with its Alibaba marketplace — where you can but a 747 or drone motors over the Web equivalent of eBay or Amazon — is erasing its borders. Scotland, inexplicably, wants to erect new ones.
Here in Austin, and through most of Texas, bumper stickers ride on trucks with the state’s outline the command, “Secede!” We are the United States of America, though. Pockets of rebellion boil up in places like the Texas border with Mexico, or up in Idaho. But there’s too much in common among government sentiment to break us up into pieces.
I know about the desire for borders. Our nitwit governor here was on TV last fall, here in Austin, describing our progressive town as “the blueberry in a sea of red.” Yes, we’re juicy, sweet, and different. But we’re Texans, too, much to the governor’s dismay. That TV show didn’t hit Jimmy Kimmel’s show from Dallas or Houston.
So it has gone for the Web and 3000 users. On pages over the years, both paper on on the Web, we cater to constituencies as diverse as possible. One set of readers is done with MPE, making plans to archive systems or scrap them. Another is devoted to their status quo, the devils they know rather than the devils they don’t know how much upset and cost they’ll trigger.Long ago, there were borders on our Internet information. In the Usenet domain, discussion groups raced along with names like comp.sys.hp.mpe, and its Unix counterpart comp.sys.hp.ux. You’d rarely hear exchange in those countries about their neighbors. Mostly because people had to specialize in order to remain successful in their IT careers. Now the borders between environments have been forced to open up while our readership grapples with a homogenous list of servers. Some apps have moved to HP’s Unix servers, at one site, while key apps run on virtualized 3000s.
When I type “3000 to 9000 migration” into Google I find only seven HP-related links. We’re No. 5 on the page, behind two HP whitepapers, a YouTube video from a hardware reseller, and the HP 9000 Wikipedia article. Of course Google searches on an exact phrase — so our article is entitled “IBM takes a swing at 9000 migration.” It picked up on the phrase “9000 migration.” A lot like a secceding citizen might note the differences between countries, or states.
The element that’s changing fastest about these borders over the computing community is how fast they’re falling. HP is celebrating the cloud business it’s still trying to win, now that the specialized servers it retained — in favor of 3000s — have stopped winning customers. The cloud is the ultimate borderless territory, where you can’t tell which vendor is running your app. All that matters is that the data is secure, and it’s a reliable resource.
The Scots missed out on the chance to discover modern expectations about security and reliability. It was the common belief on election night that the balloting would be whisker-close over there. Here in our office where nearly all of what we produce goes onto the Web first, we’re not seceding from any 3000 domain.
September 25, 2014
TBT: Early winter's taste visits Interex '94
It stunned nearly everybody, but the final day of the annual Interex user conference, 20 years ago this week, did not herald the start of Fall. That season might have filled pages on everybody's calendar, but the skies over Denver were filled with snowflakes on Sept. 21. Thousands of HP 3000 customers had to scurry through soggy streets in a month where leaves were supposed to be falling.
Everything happened at an Interex, eventually. Robelle's Neil Armstrong wrote about it in the What's Up Doc newsletter the vendor produced that year.
Welcome to Winterex 1994.
Once again the weather attempted to upstage various announcements and goings on at the Interex Conference. This year it snowed on the Wednesday afternoon of the Denver conference. The "snow" storm, however, was nothing compared to hurricane Andrew which hit New Orleans during Interex '92.
This year's conference was certainly a hit with a lot of the people I talked to. The last Interex I attended was in Boston in 1990, which became known as the Great Unbundling of TurboImage Debate. Interex '94 was a pleasant contrast with HP's new product announcements, the bundling of ARPA services and a general positive tone regarding the future of the HP 3000. The HP booth was a beehive of activity with Client-Server demonstrations and huge printers on display.
Armstrong went on to say that his favorite view at the show was seeing a camera connected to an HP 9000 workstation, one that delivered a live pictures of people passing by the box. "The fun part was moving from side to side quickly and watching the CPU graph go up," he added.
This was the year when the pushback started to ruffle the Unix juggernaut that had promised open systems for so long. Windows was still a year away from being desktop-useful. But that didn't keep the technical leadership from creating a Unix Hater's Handbook.While MPE was clicking off its 20th straight year of serving business computing needs, system managers who wanted to find fault with HP's favored OS could buy that above book and feel vindicated.
From a book review by Paul Gobes in Robelle's newsletter, commenting on how an online mailing list's posts were turned into a book.
That list has been cleverly edited into a systematic attack in book form. It is often cruel and sarcastic but it is difficult not to empathize with the frustration that many of the users have endured. Some of the chapter subheadings will give you a good idea where the book is heading.
Unix - The world's first computer virus
Welcome New User! - Like Russian roulette with six bullets loaded
Documentation? - What documentation?
Snoozenet - I post, therefore I am
Terminal Insanity - Curses! foiled again!
The X-Windows Disaster - How to make a 50-MIPS workstation run like a PC
csh, pipes, and find - Power tools for power fools
Security - Oh, I'm sorry, sir, go ahead, I didn't realize you were root
The File System - Sure it corrupts your files, but look how fast it is!
You can still read MPE managers' favorite book of the fall of '94, online. IDG Books printed copies, and one of the early reviewers of the material returned to it, six years ago, to reconsider the accuracy of the gripes and wisecracks. It was invective, far ahead of its time considering how much we hear today. The book was sold with a Unix Barf Bag.
While the snow fell on Interex, HP was putting TurboIMAGE on ice. David Greer warned customers to get in their request to upgrade from TurboIMAGE to IMAGE/SQL. The latter was new and making its way into "about a twelfth of the customer base at a time."
"Unfortunately, you must ask HP to add IMAGE/SQL to your support contract; it is not the default. And you only get one chance! It will be easy to miss out on IMAGE/SQL and all future IMAGE enhancements. The following statement by Jim Sartain, HP SQL Program Manager, appeared on the Internet."
When support contracts are up for renewal, customers are given the option of upgrading from TurboIMAGE to IMAGE/SQL. The product support cost is from $10 to $325 per month depending on the MPE/iX user level and whether the customer is on basic line or response line.
Customers who decline this offer will continue to receive a functionally stable version of TurboIMAGE (no future enhancements). Should the customer want to upgrade to IMAGE/SQL in the future they must purchase the upgrade and pay for IMAGE/SQL support.
"Better warn purchasing today. If you don't ask for IMAGE/SQL now, asking for it later will be expensive."
September 10, 2014
One Course to Sail a 3000 Into the Cloud
People in IT have come to understand the meanings and potential for the term cloud computing. But plenty of them don't trust it, according to a recent survey. Not with many mission-critical apps, anyway. Since HP 3000 managers have always had a belt-plus-suspenders approach to datacenter management, we'll bet that a great percentage of them are among the doubters about cloud security.
Remote instances of HP 3000s have been with the community as long as MPE could boot a server. But now, knowing which precise server will deliver an application isn't part of the cloud's design. Even as recently as this year, companies are getting by with 3000 computing by using a server located outside their site, sometimes even outside their state.
It's the state of cloud computing security that gives IT pros some pause. According to a study conducted this year by Unisys (remember their mainframes?) and IDG Research, more than 70 percent of 350 respondents feel security is the chief obstacle in cloud deployment. IT executives want to collect data about the security of data that's in the cloud.
The technology to put Linux instances into cloud computing is already available. And Linux is essential to installing the HPA version of CHARON from Stromasys. There's been no announcement of a cloud edition of the virtualization product. But Docker looks like tech that could help, according to our contributor and 3000 consultant Brian Edminster.
"Docker struck me as an easy mechanism to stand up Linux instances in the cloud -- any number of different clouds, actually," Edminster said. According to a Wiki article Edminster pointed at, Docker is based upon open source software, the sort of solution he's been tracking for MPE users for many years.Docker is an open-source project that automates the deployment of applications inside software containers, "thus providing an additional layer of abstraction and automation of operating system-level virtualization on Linux. Docker uses resource isolation features of the Linux kernel such as cgroups and kernel namespaces to allow independent "containers" to run within a single Linux instance, avoiding the overhead of starting virtual machines," the Wiki article reports.
Docker is "a standardized software platform for delivering apps at scale," according to a recent article in Infoworld. And it's taking over the world, the article adds.
Two major operating system projects have already started integrating Docker as a fundamental part of how they work. CoreOS uses Docker to create a pared-down Linux distribution -- one now available on Google Cloud Platform, appropriately enough -- where all software is bundled into Docker containers. Red Hat's already started building major support for Docker into Red Hat Enterprise Linux and has plans for a major reworking of RHEL around Docker, Project Atomic.
Early deployments of cloud applications, however, are mostly non-critical applications where security is less of a concern, according to the Unisys-IDG survey. Cloud servers present new risk considerations that a company like CloudPassage is glad to address.
There's genuine concern for keeping cloud servers more secure, because they present great targets of opportunities for fraud. From a report by CloudPassage:
Fraudsters demand a constant stream of freshly compromised servers to keep botnets running. An entire underground business known as bot herding emerged to capitalize on this illicit need.
Bot-herders make their living by building botnets to then sell or rent to other e-criminals. Compromising an elastic cloud infrastructure environment can return a windfall versus hacking into a traditional hardware server. If a bot-herder is able to place command-and-control software on a VM that later is duplicated through cloning or cloud bursting, the botnet capacity will automatically grow.
For stakeholders in cloud hosting environments, the implication is a higher expectation of being targeted for server takeovers, root-kitting and botnet command-and-control insertions
CloudPassage is the leading cloud server security provider and creator of Halo, the industry’s first security and compliance platform purpose-built for elastic cloud environments. Halo operates across public, private and hybrid clouds.
And, one would assume, Linux hosted on Intel cloud servers that could be cradles for CHARON instances. The last time we checked on this issue, the authentic HPSUSAN number -- now supplied on a USB drive -- was the narrow part of the passage in sailing the emulator onto cloud servers.
Caution has been the practice for much of the 3000 community over the decades I've watched it. Even when the HPSUSAN strategy is resolved -- assuming that's a customer need for Stromasys to address -- keeping those clouds clear of bot-herders will be essential.
September 09, 2014
Remaining on Watch for HP Innovation
Earlier today Apple unveiled the descriptions and benefits of wearing a full functioning computer for the first time. Well, maybe not for the very first time. But for the first time in the modern era of computing, anyway. The Apple Watch defines the Tim Cook era at the company, and it will still need some tuning up through several generations. But this time around, the watch that breaks ground by riding on wrists won't need a stylus -- just an iPhone.
The instance of this is called the Apple Watch -- say goodbye to any new product lines being started with an "i" for now. A watch is not an enterprise computing tool, some will argue. But that was said about the iPhone, too -- a device that turned out to be a portable computer of breakthrough size. HP 3000 acolyte Wirt Atmar wrote a famous newsgroup post about the first iPhones, being like "beautiful cruise ships where the bathrooms don't work."
The Apple Watch, of course, won't be anywhere close to perfect on first release Early Next Year. People forget that the iPhone was a work in progress though most of its first year. That's a better track record than the HP 3000 had at first shipment, late in 1972. That system that's survived 40 years in a useful form -- 1974 marks the year when MPE and HP iron finally had an acceptible match -- got returned to HP in many instances.
The elder members of our 3000 community will recall the HP-01, a wristwatch that wanted to be a calculator at the same time. Nobody had considered wearing a calculator, and nobody had asked for a wearable one, either. But HP felt compelled to innovate out of its calculator genius factory in Corvallis, Oregon, and so a short-lived product, designed to satisfy engineers, made its way into HP lore in 1977.
"All of the integrated circuits and three discrete components for the oscillator are combined in a hybrid circuit on a five-layer ceramic substrate," said the article in the HP Journal, the every other month paper publication where engineers read about innovations, and the more technical customer was steered to see how Hewlett-Packard could deploy superior design. The problem was that it was 1977, and the company was sailing too far afield from its customers' desires with the HP-01. 1977 was a year when HP had scrabbled to come up with a Series II of the HP3000, a device more important to anyone who wanted to leave IBM batch computing behind and get more interactive. People who bought calculators had no concept of mobile computing. Even a luggable computer was still six years away.
But the HP-01 did accomplish one benefit for the HP customer, who even then was a consumer, of business products. It showed the company was ardent about the need to innovate. The HP Journal is long gone, and the heartbeat of the company feels like it runs through personal computers and miniaturization of internal parts that make more of a difference to manufacturing and product margins. Apple built an S1 processor that's "miniaturizing an entire computer system onto a single chip" to make the Apple Watch a reality, something like HP's five-layer hybrid circuit substrate of 1977.
Apple's had its share of innovative flops, too -- but the most recent one was from 2001, the PowerMac G4 cube. A breakthrough like this S1 that Apple claims is an industry first. HP's innovations these days are not getting the kind of uptake that you'll see from the Watch next year. Nobody tells a story about computer promise like Apple, right down to calling parts of its team "horological experts," and saying it with a straight face. In contrast, HP's Moonshot and the like are important to very large customers, but the small business innovation has been limited to fan-cooling technology. Not sexy enough to earn its own video with a spacey soundtrack.
Why care? One reason might be that HP's working to convince the world, its customers, and its investors that innovation is still embedded in its DNA. It takes more than slapping the word "Invent" under the logo. Innovation is hailed by the markets, not the engineers who designed it. Everything is a consumer product by now, since we're consuming computing as if it were a wristwatch.In the months before Steve Jobs died, he showered the HP Way and its products with praise while planning the future for Apple. He wanted Apple to leave a legacy in the industry the way that Hewlett-Packard had done, spinning off other companies and making their essential technology indispensible. Apple would do well to become what Hewlett-Packard was at its best.
Are more of those days out in HP's future? Is the ongoing turnaround a way to salvage the HP Unix and OpenVMS applications and enterprises that are going to left behind? Or are they going to become as obsolete as the HP-01, because any company needs to leave products behind? You can't set your watch to the moment when that question will be answered. Not even a device like Apple's, one that's haptic, made in gold as well as stainless steel, and lets you send an image of your beating heart to your loved one, cannot mind the time on that development.
August 27, 2014
A Virtual Legacy from the Past to the Future
VMworld 2014 wrapped up this week, with more than 25,000 IT pros and suppliers attending the San Francisco conference. Although the show was wrapped entirely around the VMware offerings -- and few other genuinely available products look to the future as much as the virtual machine vendor's -- there's also a legacy story to be told. As it turned out, that story was a message that virtualized 3000 vendor Stromays got to share.
West Coast sales manager Doug Smith, a 3000 veteran from the enterprise resource planning world, checked in on his way out of the Bay Area to report on the proximity between decades-old MPE/iX and just-days-old VMWare innovations like the enterprise cloud vCloud Air. VMware is offering the first month of vCloud Air free.
"VMWorld is a lot of people looking forward," he said, "and we're pulling people back, out of the past. It was great to see those little guys walking by and knowing what MPE, VMS and Alpha means. People were looking up and saying, 'Oh yeah, I've got one of those HP 3000s in my datacenter.' It was a sight to see."
The CHARON virtualization engine that turns an Intel server into a 3000 runs on the bare metal of an Intel i5 processor or faster, operating inside a Linux cradle. But plenty of customers who use CHARON host the software in a virtualized Linux environment -- one where VMware provides the hosting for Linux, which then carries CHARON and its power to transform Intel chips, bus and storage into PA-RISC boxes. VMware is commonplace among HP 3000 sites, so management is no extra work. But ample server horsepower is a recommended spec for using a VMware-CHARON combo.When a site can eliminate the need for a bare-metal Linux box, "it's kind of double-virtualization," Smith explained. Customers need to manage performance in this configuration which eliminates the need for a dedicated Linux box. "So long as you have enough memory, nice CPUs and disk, the performance is high," Smith said.
With all that noted, Smith said he had a 3000 running on his laptop during the conference on the show floor. "It kind of blows people away," he said. "All the old-school guys are used to seeing a big old box out there running MPE. We had an HP Envy laptop running our 4040 virtual machine." The 4040 is a 4-CPU N-Class server with performance clocked at 38 HP Performance Units -- the equivalent of an HP-branded N4000-400-440.
HP once carried an ultimate-generation 3000 under an arm of a product manager at a conference, but that was 13 years ago and the box was the size of a deep kitchen drawer. It was also an A-Class, which is a pretty good reference point for how compact the supporting hardware has shrunk to host one of the fastest MPE engines. It helps make that happen when the hardware can be Intel-based. Most CHARON installations for MPE don't run on laptops, but the installation turns heads at a conference.
When a laptop with an i5 processor, 8 GB of memory and a 1TB drive can deliver an application screen from an OS first launched in 1974, that's looking forward -- with an viewpoint toward preserving the value of the past, too. There's been interest in the 3000 community in hosting CHARON over a cloud-based server. VMware vCloud stands out as one of the ways to put a solution such as that into practice, at some point in the future.
August 22, 2014
30 years ago, 1984 seemed like news
I've been writing about my own experiences of the year 1984, since this has been the week that marks my 30th anniversary of my technical journalism career. It was the era of personal 1200 baud modems manufactured by US Robotics, now owned by PowerHouse's parent company Unicom Global. It was a time when HP's PC, the Touchscreen 150, operated using a variant of CPM -- the alternative to MS-DOS that lost like Betamax lost to VHS. It was a year when HP's worldwide software engineering manager Marc Hoff announced that 1,783 new products would enter HP's price list on April 1, products ranging from less-expensive software to "application-experienced CEs" called CSRs.
HP's new PICS phone support centers in California and Georgia each operated from 8 AM to 6 PM, giving the customers a whole 13 hours a day of call-in "toll-free" support in the US. It was an era when toll-free mattered, too, and to save money in your DP shop (we didn't call it IT) you could read a column on how to make your own RS-232 cables for the HP 3000, based on instructions from the Black Box Catalog. The HP 3000 could output graphics to magnetic tape, files that could be passed to a service bureau to create 35mm slides for your Kodak Carousel projector for those important boardroom meetings. But there are stories that 3000 community members have shared about that year, too. Here's a sample of some.
Alan Yeo, ScreenJet founder - In 1984 I had just gone freelance for a contract paying “Great Money” and spent the whole year on a Huge Transact Project. Actually it was the rescue of a Huge Transact Project, one that had taken two elapsed and probably 25 man-years and at that point was about 10 percent working. A couple of us were brought in on contract to turn it around. We did, and we used to joke that we were like a couple of Samurai Coders brought in to Slash and Burn all before us. (I think Richard Chamberlin may have just starred in the hit TV epic Samurai at that time.)
We were working on a Series 70, configured as the biggest 3000 in our region of the UK (apart from the one at HP itself). We used to have lots of HP SEs in and out to visit -- not because it was broken but just to show it to other customers. That was the year we started hearing rumors of PA-RISC and the new “Spectrum” HP 3000s. It unfortunately took a few more years for them to hit the streets.
I have lots of good memories of HP SEs from that time. HP employed some of the best people, and a lot of them were a great mix between Hardware Engineers, Software Engineers and Application Engineers. Great people to work with who sort of espoused the HP Way, and really made you want to be associated with HP. Where did they go wrong?
Brian Edminster, Applied Technologies founder -- As you've said, bespoke software was the meat and potatoes of the early 3000 market. I still believe that a custom software application package can be warranted -- as long as it gives your business a competitive edge. The trick is to make sure the edge is large enough to justify the expense of having something that's not Commercial Off the Shelf.Doug Greenup, Minisoft founder -- In 1984 Minisoft was just one year old. We had just begun marketing our first product, a word processor for the HP 3000 known as Miniword. At that time a lot of HP 3000s only did 2400 baud, so typeahead was pretty important. Users were losing characters because they typed too fast. Typeahead helped to solve that problem. Because the HP 3000 did not have typeahead we had to manufacture a little box that sat between the HP3000 and the terminal we called a “SoftBox.” One of our best moments was when we were able to get 9600 baud on a serial connection.
Also at that time we were timesharing on an HP 3000 Series III with another company called Western Data. The spinoff of that company became Walker, Richer and Quinn, the makers of Reflection. Marty Quinn came into my office one day complaining that he couldn't develop from home. He had this piece of hardware called an IBM PC. I remember laughing at the thought of making this IBM PC look like an HP2622 block mode terminal. Marty went on to develop PC2622 which became Reflection.
Denys Beauchemin, MIS manager, backup vendor, developer and Interex chairman -- By 1984 I had been working on the HP 3000 for over seven years. I was at Northern Telecom in Montreal with a pair of Series 70. The Spectrum project was announced by HP at the same time as the cancellation of the Vision project, and the Series 70 got an upgrade to keep it viable for a few more years waiting for Spectrum.
Donna (Garverick) Hofmeister, SIGSYSMAN chair, Longs Drug developer/analyst, OpenMPE board director -- By 1984 I was two years out of college and working for the Army, tracking equipment readiness on a 3000. It was replaced by a Series 70, just about as soon as the 70s came out, too. We were very proud of that system, because at time of delivery we were told it was the biggest 70 ever made.
Over the years we pushed that box pretty hard. It was very much a case of “if you build [the application] they will come.” We gave weapon system managers on-line access to their data -- something they had never had. And when we started graphing the trend data -- oh boy! You'd think we had built a better mouse trap! I was particularly fond of the DSG/3000 decision support graphics application. By the time the Army and I parted ways, I think we had a grand 6GB of disc attached to the system.
Chris Bartram, 3k Associates founder, NewsWire Webmaster - In 1984 I had just taken a fulltime system programming job on the 3000 after deciding to give up on college for a while. My work there inspired me to start 3k a few years later in 1987. That was the year when I bought my first 3000, a 3000/37 Mighty Mouse which cost me about $10,000.
Gilles Schipper, founder of third party support firm GSA, NewsWire columnist -1984 was one year after I left HP and started out on my own. At that time, MPE/VE was starting to be out in full force after HP had just announced the 42 (as well as the 48 and 68). Shortly thereafter, as regular contributor to The Chronicle, I wrote an article entitled “The HP3000 Series 41?” in which I suggested that lots of HP 3000 users were being shortchanged by HP with the Series 40 to 42 “upgrade kit,” because it did not include the necessary CPU board replacement that actually made the upgrade complete.
Guy Smith, Chronicle columnist and founder of Silicon Support Strategies - Wow, where the hell was I in 1984? I was running a couple of boxes at Canaveral Air Force Station at that time. 16-bits and many megabytes of RAM were considered serious hardware (which my laptop that I'm writing with mocks, smugly superior with its two 64-bit CPUs and 8GB of fast RAM).
Important at that point in time was the growing number and sophistication of HP Users Groups. The Florida Users Group was particularly vibrant and was a great feeding ground for young and hungry bitheads like me. They were small, intimate and high powered, allowing me to meet and discuss HP 3000 innards with the likes of David Greer, Vladimir Volokh and other gurus. Interex later became the locus, but regional groups were the launching pads for most of us in 1984. NASA at Kennedy Space Center and neighboring Cape Canaveral Air Force Station had many HP 3000s. I know the concentration of machines and talent there influenced FLORUG.
Jeff Vance, HP developer for MPE, community liaison -- In 1984 I was working in the MPE XL (really named HPE at the time) lab. It was the year that Spectrum (which became PA-RISC) won the battle over the Vision architecture, and we re-wrote much of the low-level OS to Spectrum, while simply porting the higher level code.
The “HPE Cookbook,” written by the late Chris Mayo, was “published” May 15, 1984. The table of contents shows: Development Environment Map, CookMOM - How to Build “Hi Mom,” CookHPE, Useful Directories, User Information, Spooling, Customizing Makefiles for HPE, and RDB - The Remote Debugger.
August 19, 2014
What Changed Over 30 Years: Bespoke
I arrived here in the community of my career when gas was $1.15 a gallon in the US, the Dow was at 1,200, a new truck sold for $8,995, the Cold War Olympics featured no Soviet atheletes in LA, and Stevie Wonder had a top hit on the record charts. Because there were still records being sold for pop hits, along with cassettes. Nary a CD could be bought. The Mac was brand new and still didn't sport a hard drive. Those fellows to the right were right in style with warm-up suits that you're likely to see in a senior's happy hour cafeteria line today.
There were thousands of applications in the Hewlett-Packard software catalog of 1984. It wasn't a new idea to collate and curate them, either. MB Foster had one of the first compendiums of HP 3000 software, several years before it occured to HP to offer products the vendor did not make (or buy up, then sell back). But in the month when I entered this market, during that August you were at least as likely to find custom, bespoke software running a corporation as any Commercial Off The Shelf package.
People built what they needed. The bespoken software was often created with the help of fourth generation langauges, so Speedware and Cognos' Powerhouse were big players during 1984. Not the biggest of the 3000 vendors, in terms of customer size. Unless you counted several thousand MANMAN sites, all running the Quiz reporting tools that ASK Computer included with the MRP package. Back in those says, Enterprise Resource Planning hadn't been conceived.
Because so much of the community's software was customized, being well-versed in IMAGE/3000 -- not yet TurboIMAGE, let alone IMAGE/SQL -- was a key skill. Mastery of the database was more attainable if you had a database management utility. Adager was most widely installed, with Bradmark just getting off the ground in 1984. I nearly crashed my reputation with Adager and co-founder Alfredo Rego, less than a month after I began my career in the community.
The problem was a lack of MPE and IMAGE experience. Since I didn't understand the technology first-hand, I felt compelled to contribute to the effort of the HP Chronicle. Not by writing an article, but instead closely red-pen editing the writing of Rego. I didn't know yet that anything he shared with a publication -- his technical treatise was a big win for us at the HP Chronicle -- had already been polished and optimized. A writer well-steeped in mastery of his subject can insist an article be published with no changes. In the publishing business, stet means to ignore a change. I'd have been helped if someone had grabbed my inked-up printout of Rego's paper and marked "stet all changes" on the front. He had a legitimate beef.
Instead, we ran it and then I got to enjoy a rare thrill -- having my corrections corrected by the author, live in front of a local user group audience. Writers forming the troika of big independent vendors -- Bob Green at Robelle, Eugene Volokh at VEsoft, and Rego -- certainly had earned stet-all-changes. Their software became crucial in managing a 3000 that was gasping for new horsepower. Creating and maintaining customized software was a popular way to get the most out of the six-figure HP 3000s, already at the end of the line at the top but still more than two years away from getting a refresh.One accounting software package was in place that was basically a template for its resellers to customize for customers. Meanwhile there was talk in our offices about the new Account Management Support, a Systems Engineer (SE) and Customer Support Representative (SCR) tandem for supporting HP 3000s. An SE would visit your site once a month; nothing new about that in 1984. But HP would be sending a CSR for each of your applications. The 3000 community always knew that HP wanted to be onsite to talk about optimization and resolve management operations issues. The CSRs were all about making sure that the HP applications were satisfactory -- and edging out the third-party alternatives.
But so much of what was running neither HP or third-party. It was custom-crafted. And that year could get a new level of support, via phone in the US out of Santa Clara, Calif. and from Atlanta.
In my offices, the 3000 was limited to an amber terminal emulator screen, representing time on a system down at Futura Press, where the newspaper was printed monthly. We never saw any SEs unless we were at a conference -- where they gave talks. We never installed an HP 3000.
It was an era where PCs were on the rise, but not being much trusted in the Data Processing departments. The financial forces started to carry the day with PCs and MS-DOS, but the established MIS sector analysts figured that PCs would saturate the market quickly enough. One $400,000 study reported "Early PC peak forecasted," where SRI International predicted PC growth tapering off after 1986. "Average annual growth will be only 5.4 percent in the 1986-1990 period."
Customization -- the bespoke nature of database designs -- was supposed to be holding back more PC growth. "Some companies find that the file structures within their corporate databse do not lend themselves to easy access by PCs." Personal computers were supposed to work unconnected to the databases like IMAGE, the experts figured. Then software like Data Express arrived to change all of that connectivity between PC spreadsheets and minicomputer databases. IMAGE could use what Lotus 1-2-3 wrought/
IMAGE adjustments, management and optimization were so popular that we had a pristine copy of the IMAGE/3000 Handbook in our office -- though it was more for my education than any operational use. The book was 330 generous sized pages, plus index, written by Bob Green, David Greer, Alfredo Rego, Fred White, and Dennis and Amy Heidner. "The book sold itself," said Green, "and since the price was $50 each and we paid for the printing, our editor Marguirete Russell had a nice extra income for the next few years."
August 18, 2014
This Is Where I Came In
It's the third week of August, but it's 30 years ago. I wear my wide tie and my oxfords to an office in Austin's northwest tech territory and start to write and learn about the HP 3000. I'm 27, father of a boy not yet two, a community news reporter with a new community to creep into -- because that's how it's done when you don't know anyone or much of anything. You ask a lot of questions and try to understand the answers.
The office is ribbed with wood paneling and mini-blinds and sports an IBM-PC knockoff, a Columbia. It's got an amber display and no hard drive. A box with the manual for Walker, Richer & Quinn's PC2622 software is on top of that monitor. It's connected for something called time-sharing, and it also connects to something called Compuserve. I watch my boss dial up on a phone with a modem -- I knew about those from using an Apple II at home -- and read the news. None of it's about HP, though. That's our story to tell.
Inside my editor's office there's a telephone transcription machine for recorded interviews, plus a Kaypro II portable. It weighs 28 pounds and has a screen that's nine inches across. Imagine two Samsung Galaxy phones side by side, and that's about it. There are two books on the shelf, both printed by Hewlett-Packard. One is a catalog of third-party software and specialized hardware, all written in something called MPE V for a computer people are wild about, the HP 3000. The other book is a listing of the phone number of everyone in HP's Bay Area campuses. HP is not yet selling $7 billion of gear, support or software in 1984 -- and that includes medical and measurement systems that are so much better known than its computer products.
In my first week of a career writing about HP, one of the first things that I learn is that we've been scooped. The latest HP 3000, a real ground-breaker, is already in the pages of Interact magazine. The user group Interex has won again, because being physically near those HP Bay Area offices makes a difference. There's nobody on our staff or theirs who wrote news for newspapers, though, not until this week. It's the only chance we've got to learn something first: Get on that phone, son.Thirty years ago the market that became the community I called home had a minicomputer product being sold in a mainframe mindset. HP sold office computers for interactive computing, just like DEC, Wang, Control Data, Honeywell, Burroughs, Univac, Datapoint, and yeah, some company called IBM. I'd heard of IBM. I knew nothing about the rest of the BUNCH, and I thought they were kidding about a company called Wang. (In the years to come, our publishing company created an unfortunately-named tabloid called Wang in the News.)
We got scooped on the release of the Series 37, which HP called the Office Computer because it was the first minicomputer it sold that didn't need special cooling or a raised floor. It operated on carpet, and that was a big deal for something people called the Mighty Mouse. It had the the first 3000 on a chip; a CMOS gate array; could have as much as 8 MB of memory and the same performance as a Series III, according to Stan Sieler's genealogy of that era. The Series III cost four times as much. That 8 MB is smaller than some of the individual podcast files I created 25 years later.
But I'm getting ahead of myself, like I usually do. I came into that office with 24 credit hours of computer science and a passion for the field. I was an enthusiast, as they used to call people who like computers for the concept of what they'd do, not just what they could help you learn. I only had a journalism degree to hang up on my paneled office wall. Plus that telephone and a notepad and a recorder. I needed the recorder, because I was drinking out of a fire hose of information for the first six months of these 30 years.
People were at the heart of the work, though. Not just the machines, but creative people with personality and a penchant for gathering and being social. These were business computing analysts, and the best way for them to share what they knew and learn was to read and meet in person. They held meetings at least once a month around the world. They were generous with what they knew. It seemed lots of them wanted to teach.
These days there are Throwback Thursdays online in social media like Facebook. Us baby boomers share pictures of our younger days. But I'm going to take more than just this coming Thursday to throw you back into 1984 and the place where I came in, looking for a way to tell stories that 3000 people would hear for the first time. Being first was important. But I'd soon learn that being accurate was even more important, more essential to my readers and my new community than being accurate when someone was on trial, or critically injured, or breaking a record or hearts on a sporting field. It certainly felt that way to the people who shared their stories with me. It also felt that way to me, the first time I messed up in public as I came in, then got schooled in person about how inaccurate my editing was in 1984.
August 14, 2014
TBT: Affordable IT in Acquisition Aftermath
There it is, in all of its comfy, trustworthy glory: The only two-page spread advertisement HP ever bought to promote the HP 3000. From a 1998 issue of Computerworld, it's a ThrowBack Thursday entry, from an era when the 3000 was battling for prime position in datacenters. (Click it to have a closer look.) Harry Sterling was the general manager of the 3000 group by that year. Serious business.
As part of another ad series, Terry Simpkins, now the Business Systems Director of Measurement Specialties Inc., testified to the value of running HP 3000 ERP systems. At the time MANMAN was owned by Computer Associates, who'd dubbed the software's owner the MK Group. (Click to have a closer look at his testimony.)
Now comes word that Simpkins' current company -- probably one of the single largest users of MANMAN -- has been purchased. An acquisition can be a trigger for change. Some HP 3000s have been decommissioned as a result of running a company which now must march in a new corporate file.
It may not be so at MSI. We've heard through the MANMAN support network that TE Connectivity Ltd., which will own MSI perhaps as early as next month, was impressed by the low costs of operating more than 10 separate ERP installations around the world. MSI was purchased for $1.4 billion, according to a report in the Wall Street Journal.
There have been some instances in the system's past where the HP 3000 edged out other mid-size enterprise platforms during a merger. AS/400s got replaced in one case. At MSI, the system is running manufacturing for a company that is moving into stronger business.TE was once called Tyco Electronics, a spinoff of Tyco International. It manufactures electronic connection products for cars, consumer products and the energy industry. Measurement Specialties had strong bookings in the last quarter before the deal was announced. In a statement at the time, it said it was "well positioned to deliver solid growth and strong earnings performance in fiscal 2015, with acceleration in fiscal 2016."
For MSI's latest fiscal year, net income was $37.8 million on sales of $412.7 million. The company expected fiscal 2015 sales of about $540 million, including $100 million from the recent purchase of Wema System AS.
With profits in hand, and the ability to meet growing business needs, it's possible that the HP 3000 could feel as secure as the blanket in that 1998 ad, once TE wraps its arms around its newest acquisition. MSI was looking to add a 3000 expert this summer, too. Comfort sometimes comes from the certainty of managing growth at an attractive price.
August 06, 2014
Password advice for migrating managers
More than a billion password-ID combos were stolen by a Russian gang, according to a report from a cybersecurity company. Mission-critical, revenue-centric passwords are probably the ripest targets.
Once you're making a migration of mission-critical systems from MPE to more-exposed servers, passwords will become a more intense study for you. Windows-based servers are the most exposed targets, so a migrated manager needs to know how to create high-caliber passwords and protect them. Given the headlines in current news, today's probably the day when you'll get more questions about how safe your systems are -- especially in the coming era of cloud computing. Here's some answers from our security expert Steve Hardwick.
By Steve Hardwick, CISSP
Everything needs a password to access it. One of the side effects of the cloud is the need to be able to separate information from the various users that access a centrally located service. In the case where I have data on my laptop or desktop, I can create one single password that controls access to all of the apps that reside on the drive, plus all of the associated data. There is a one to one physical relationship between the owner and the physical machine that hosts the information. This allows a simpler mechanism to validate the user.
In the cloud world it is not as easy. There is no longer a physical relationship with the user. In fact, a user may be accessing several different physical locations when running applications or accessing information. This has lead to a dramatic increase in the number of passwords and authentication methods that are in use.
I just did a count of my usernames and passwords and I have 37 different accounts (most with unique usernames and password). Plus, there are several sites where I use the same usernames and password combinations. You may ask why are some unique and why are some shared. The answer is based on the risk of a username or password be compromised. If I consider an account to have a high value, high degree of loss/impact if hacked, then it gets a unique username or password. Let's look at email accounts as a good example.I have a unique username and password for my five email accounts. However, I do have one email account that is reserved solely for providing a username for other types of access. When I go to a site that requires an email address to set up an account, that is the one I use. Plus I am not always selecting a unique password. The assumption is that if that username and password is stolen, then the other places it can be used are only website accounts of low value. I also have a second email account that I use to set up more sensitive assess, Google Drive, for example. This allows me to limit the damage if one of the accounts is compromised and not end up with a daisy chain of hacked accounts.
So how do you go about generating a bunch of passwords? One easy way is to go into your favorite search engine and type in password generator. You will get a fairly good list of applications that you can use to generate medium to strong passwords. When I used to teach security this was one trick I would share with my students. Write a list of 4 or 5 short words that are easy to remember. Since my first name is Steve we can use that. Add to this password a short number (4-5 digits in length),1999 for example. Now pick a word and number combination and intersperse the numbers and letters S1t9e9v9e would be the result of Steve and 1999.
Longer words and longer numbers make strong passwords -- phone numbers and last names works well. With 5 words and 5 numbers you get 25 passwords. One nice benefit of this approach comes when you need to change your password. Write the number backwards, and merge the word and data back together.
Next challenge: how to remember them all. Some of the passwords I use I tend to remember due to repetitive use. Logging into my system is one I tend to remember, even through it is 11 characters long. But many of my passwords I use infrequently, my router for example, and many have the “remember me” function when I log on. What happens when I want to recall one of these? Well the first thing is not to write them down unless you absolutely have to. You would be amazed how many times I have seen someone’s password taped on the underside of their laptop. A better option is to store them on your machine. How do you do that securely? Well there are several ways.
One easy way is to use a password vault or password manager. This creates a single encrypted file that you can access with a single username and password. Username and password combinations can then be entered into the password vault application together with their corresponding account. The big advantage is that it is now easy to retrieve the access data with one username and password. The one flaw is: what happens if the drive crashes that contains the vault application and data? If you use an encrypted vault, then you can place the resulting file on a cloud drive. This solved the machine dependency and has the added advatage that the password is generally available to multiple machines. If you want to get started with a password vault application, here is a good article that compares some leading products.
Another option is to roll your own. Create a text file and enter all of your account/username/password combinations. Once you are done, obtain some encryption technology. There are open source products, truecrypt is the leader, or you can use the encryption built into your OS. The advantage of using open source is that it runs on multiple OS. Encrypt the text file using your software. Caution: do not use the default file name the application gives you as it will be based on your text file name.
Once you have created your encrypted file from the text file, open the text file again. Select all the text in the file and delete it. Then copy a large block of text into the file and save it (more then you had with the passwords). Then delete the file. This will make sure that the text file cannot easily be recovered. If you know how to securely delete the file do that instead. Now you can remotely store the encrypted password file in a remote location, cloud storage, another computer, USB drive etc. You will then have a copy of your password file you can recover should you lose access to the one on your main machine.
Now, if you do not want to use encryption, then there is a very geeky option. But why wouldn’t you use encryption? Most programs use specific file extensions for their encrypted file. When auditing, the first thing I would look for is files with encryption extensions. I would then look for any files that were similar in size or name to see if I could find out the source. This included looking through the deleted file history.
The other option is steganography, or stego for short. The simple explanation is the ability to bury information into other data - for example pictures. Rather than give a detailed description of the technology here, take a look at its Wikipedia page There is also a page with some tools on it. For a long time, my work laptop had a screen saver that contained all my passwords. I am thinking of putting a picture up on Facebook next.
So here are a few simple rules on handling multiple passwords:
1) Try and use uniques usernames and password for sensitive account. You can use the same username password combination for low sensitive accounts.
2) Run through an exercise and ask yourself, what happens if this account is hacked. i.e don't use the same username and password for everything.
3) Do NOT write down your passwords to store them, unless you have a very secure place to store the document e.g. a safe.
4) Make sure you have a secure back-up copy of your passwords, use encryption or steganography.
July 29, 2014
Stromasys spreads word of spreading wings
The makers of the only HP 3000 hardware emulator are not a new company, but Stromasys is starting to outline the new structure of its firm in a communication to its clients and partners. Last week the corporation emailed notice of a set of managers to "strengthen its management team" and a announce the creation of a new R&D center.
In May the company's main HQ was moved to a larger facility in Geneva, and an Asia-Pacific unit will be located in Hong Kong. Some of the changes to the company were reported in brief at the end of 2013. But Chairman George Koukis, who started the banking software Temenous Group and leads that sector of software systems, speaks out in the update about the intrinsic value of CHARON.
"Charon prolongs the life of software by protecting it from constant change in hardware technology," he said. "Temenos' worldwide success meant that I replaced many systems; I am painfully aware of the immense cost of replacing or migrating application software."
Worldwide expansion through a partner network looks to be a key mission objective of the latest communique. When the company was briefing North American customers for the first time in May 2013 on a Training Day, the managers said that a channel structure for partners was being designed. Frédéric Kokocinski is the new Global Head of Channel Management. The new channel strategy focuses on marketing and communication -- including a comprehensive product roadmap -- certification for resellers, plus support through knowledge sharing, as well as a fresh push on sales.
The company has offices in place in Raleigh, NC, Switzerland, and Hong Kong. Gregory Reut is Head of Support. The company is meeting with partners to outline and detail the changes in its organization. Isabelle Jourdain is Head of Marketing. The company's co-founder, Robert Boers, remains connected to the company as a technology advisor to the board of directors.
June 30, 2014
Update: Open source, in 3000 ERP style
An extensive product roadmap is part of the OpenBravo directions for this open source ERP commercial solution
Five years ago today, we chronicled the prospects of open source software for HP 3000s. We mentioned the most extensive open source repository for MPE systems, curated by Brian Edminster and his company Applied Technologies. MPE-OpenSource.org has weathered these five years of change in the MPE market and still serves open source needs. But in 2009 we also were hopeful about the arrival of OpenBravo as a migration solution for 3000 users who were looking for an ERP replacement of MANMAN, for example -- without investing in the balky request-and-wait enhancement tangle of proprietary software.
Open source software is a good fit for the HP 3000 community member, according to several sources. Complete app suites have emerged and rewritten the rules for software ownership. An expert consulting and support firm for ERP solutions is proving that a full-featured ERP app suite, Openbravo, will work for 3000 customers by 2010.
[Editor's note: "We meant work for 3000 customers" in the sense of being a suitable ERP replacement for MPE-based software].
A software collective launched in the 1990s by the University of Navarra which has evolved to Openbravo, S.L., Openbravo is utilized by manufacturing firms around the world. Openbravo is big stuff. So large that it is one of the ten largest projects on the SourceForge.net open source repository, until Openbravo outgrew SourceForge. The software, its partners and users have their own Forge running today. In 2009, Sue Kiezel of Entsgo -- part of the Support Group's ERP consulting and tech support operations -- said, “We believe that within six to nine months, the solution will be as robust as MANMAN was at its best.”
From the looks of its deep Wiki, and a quick look into the labs where development is still emerging for advanced aspects such as analytics, Entsgo's premonition has come to fruition. Managing manufacturing is easily within the pay-grade of open source solutions like OpenBravo.What we reported on five years ago is no less true today. Open source is an essential part of enterprise IT by now, though. Entsgo's predictions were spot-on.
Open source solutions can span a wide range of organization, from code forges with revisions and little else to the one-stop feel of a vendor, minus the high costs and long waits. Openbravo is in the latter category, operating with hundreds of employees after having received more than $18 million in funding. If that doesn't sound much like the Apache and Samba open source experience, then welcome to Open Source 2.0, where subscription fees have replaced software purchases and partner firms join alongside users to develop the software.
Openbravo says the model is "commercial open source business model that eliminates software license fees, providing support, services, and product enhancements via an annual subscription." Entsgo says you have a company that supports it, and you can subscribe to it and verifies it, upgrades it and maintains it — all of that under one company name.
“In the 3000 community, we’re used to the independence of the open source model,” said Kiezel. “We’re used to tools that are intuitive, and if you look at us, we should be able to embrace open source more than any other community.”
Open source practices turn the enhancement experience upside down for an application. In the traditional model, a single vendor writes software at a significant investment for high profits, then accepts requests for enhancements and repairs. A complex app such as ERP might not even get 10 percent of these requests fulfilled by the average vendor.
The open source community around Openbravo operates like many open source enterprises. Companies create their own enhancements, license them back to the community, and can access bug fixes quickly—all because the ownership is shared and the source code for the app is open.
June 27, 2014
Mansion meet takes first comeback steps
A few hours ago, the first PowerHouse user group meeting and formation of a Customer Advisory Board wrapped up in California. Russ Guzzo, the guiding light for PowerHouse's comeback, told us a few weeks ago that today's meeting was just the first of several that new owner UNICOM Global was going to host. "We'll be taking this on the road," he said, just as the vendor was starting to call users to its meeting space at the PickFair mansion in Hollywood.
We've heard that the meeting was webcast, too. It's a good idea to extend the reach of the message as Unicom extends the future of the PowerHouse development toolset.
This is a product that started its life in the late 1970s. But so did Unix, so just because a technology was born more than 35 years ago doesn't limit its lifespan. One user, IT Director Robert Coe at HPB Management Ltd. in Cambridge, wants to see PowerHouse take a spot at the table alongside serious business languages. Coe understands that going forward might mean leaving some compatibility behind. That's a step Hewlett-Packard couldn't ever take with MPE and the HP 3000. Some say that decision hampered the agility of the 3000's technical and business future at HP. Unix, and later Linux, could become anything, unfettered by compatibility.
Coe, commenting on the LinkedIn Cognos Powerhouse group, said his company has been looking at a migration away from Powerhouse -- until now.
There were many business decisions made about the lifecycle and sales practices for PowerHouse over the last 25 years that hampered the future of the tool. Coe found technical faults with the alternatives to PowerHouse -- "over-complicated, hard to learn, slow to develop, difficult to maintain, prone to bugs, with far too much unnecessary and fiddly syntax."
I would like to see Powerhouse developed into a modern mainstream language, suitable for development of any business system or website. If this is at the expense of backwards compatibility, so be it. We are developing new systems all the time, and at the moment are faced with having to use Java, c# or similar. I would much rather be developing new systems in a Powerhouse based new language, with all the benefits that provides, even if it is not directly compatible with our existing systems.
The world would be a better place if Powerhouse was the main platform used for development! I hope Unicom can provide the backing, wisdom and conviction to enable this to happen.
But he was also spot-on in tagging the management shortcomings of the toolset's previous owners:
- Cognos concentrated on BI tools, as there appeared to be more money in them
- IBM bought Cognos for its BI tools for the same reason
- Powerhouse development more or less stopped many years ago
- Licences were very expensive compared to other languages. which were often open source and free
- Powerhouse was not open source and therefore didn’t get the support of the developer community
- Backwards compatibility was guaranteed, stifling major development
Powerhouse is a far superior platform for development of business systems. I cringe at the thought of having to use the likes of Java to replace or current systems or to develop our future systems!
Bob Deskin, hired by UNICOM to advise the new owners on a growth strategy for the toolset, reminded Coe that things like Java, Ruby, Python and Perl were not purpose-built for business.
Don't be too hard on those other languages. Some of them aren't what I would call complete programming languages. Some are scripting languages. And some are trying to be all things to all people. PowerHouse was always focused on business application development. Hang in for a while longer and watch what UNICOM can do.