Previous month:
March 2013
Next month:
May 2013

April 2013

How to Shift a 3000 from FTP to SFTP

I have a script that uses FTP to send files to a site which we open by IP address. We've been asked to change to SFTP (port 22) and use the DNS name instead of an IP address, and I don't believe the 3000 supports that. Does it? If so, how?

Allego's Donna Hofmeister replies:

I'm not sure you want to do SFTP on port 22.  That's the SSH port. SFTP is meant to use port 115. Have a look at one of Allegro's white papers on how to do SFTP on MPE

If you are going to use DNS, you must have your 3000 configured for that.  It's easily done. 

Continue reading "How to Shift a 3000 from FTP to SFTP" »


MB Foster tips hand on hybrid migrations

In a sneak peek of a May 1 general release, MB Foster is announcing a hybrid of solutions aimed at making migrations off the 3000 easier. The company is calling its offering MBF eZ-MPE.

Software for migrating data, entire databases and more has been in the MB Foster stable for several years. Some of the solutions, like the data migration products, have been working in production environments since the late 1980s. Data Express moved corporate 3000 IMAGE data into desktop environments; eventually that product was transformed and expanded into Universal Data Access (UDA) software and solutions. Lately, the company has begun to sell some of its software -- previously used only for services engagements -- to sites for their own use.

Two years ago MB Foster released an MBF Scheduler to replace the job scheduling capabilities of MPE/iX for the Windows environment. More recently, the UDALink tool was migrated to work with HP's Itanium servers in the Unix environment.

Now the collection of this software tool development as well as services is making its debut as eZ-MPE. "The value of MBF eZ-MPE is its collective ability to mimic the HP3000 environment," said a release that's on its way to the rest of the 3000 community by May 1.

Continue reading "MB Foster tips hand on hybrid migrations" »


Ginny Seybold, 1925-2013

MomAt80There will be no regular 3000 Newswire posting today, due to the unexpected death of my mom Ginny Seybold. She passed away this afternoon quietly, in the Franciscan Care Center of my hometown of Toledo. Virginia Seybold was 87, a Depression-era youngster who danced on roller skates as a girl, full of spark and a spirit, Irish to her core, a young woman who became the mother of four Baby Boomer children. I will miss her always. Along with the tomorrows that she no longer can give, generous as a mother's kisses, there will be no extra yesterdays for us as well. She raised us all Catholic, but I hear another prayer today. "She will live on in the hearts and minds of those who loved her."

How to Conduct a Security Assessment

Editor's Note: Migrating HP 3000 sites must be responsible for security in more extended detail, once they move operations onto open enterprise environments. In the first of a series of articles, CISSP security expert Steven Hardwick of Oxygen Finance outlines the basic security concepts -- and how security controls fit together to provide an overall protection environment.

By Steven Hardwick

First in a Series

Security_guard_iconAs penalties increase for loss of data, more and more regulations are forcing organizations to protect it. Couple this with new technologies that are moving information into the cloud and a perfect storm is forming -- one that will force IT professionals to regularly evaluate the security status of their infrastructure. To aid this effort, this series will cover

1. Introduction to security controls
2. Overview of security regulations
3. Tips on conducting a security assessment

By understanding how security systems are built as a whole it will be easier to comprehend the myriad of requirements detailed in a security regulation. Sometimes it is difficult for IT professionals to see the woods when they are stood in front of a bunch of trees. Plus, taking a broader view can give a better understanding of the challenge and the potential solution. It is not always as simple as encrypting data or adding another firewall. 

Where to Start

The majority of security requirements are focused on protecting information. However, one additional asset that is often overlooked, especially in the commercial sector, is the people.

Once when conducting an audit, I noticed water sprinklers in the computer room. After asking the IT manager where the cut-off switch for the room was, he did not know, nor was it clearly marked. Consequently, if the water came down and someone was in the room, it was not obvious how to turn off the power. Fortunately, it's included in some requirements, but ensuring human safety is not the primary responsibility of the IT department. It's the data that must be protected.

Continue reading "How to Conduct a Security Assessment" »


Program for legacy with a legacy dev tool

Good tools don't always survive bad times. When HP pulled its plug from the 3000 dynamo, popular development tools began to slide. One of our favorite COBOL legends and 3000 consultants, Bruce Hobbs, was looking for ways to connect to the legacy community for such a dev tool, Programmer Studio.

"I have a vague recollection that you published something awhile back regarding the demise of Whisper Technology, and the situation for anyone now interested in using the Programmer Studio product," Hobbs said. "Could you please point me in the right direction?"

Ad1993_HP3000The genesis of Programmer Studio comes from the days when HP was still buying print ads for the HP 3000 in the general computer industry trade press. Ads that astounded the installed base -- like the one at left -- because they were so rare, and resonated so well with the established consumers. The 3000 had giant corporations using it, something HP had to admit from time to time while it labored to create a business computing market for Unix. Whisper popped up often when we surveyed the legacy developer community in December. This is unsupported software, but it's still in use at the occassional programmer's bench, such as the one that Michael Anderson operates at J3K Solutions.

I was never much for purchasing tools for development. However, since the late '90s onward, I used Programmer Studio from Whisper Technologies as a "character based" editor. In the latter years of working on MPE, the languages I used also included Java, Perl, and SQL.

To date I still use Programmer Studio to develop software on the HP 3000, HP 9000, and flavors of Unix including Linux. Now that I am using languages like JavaScript with HTML and CSS, Programmer Studio knows these, as well as COBOL, Suprtool and Quiz.

(In a bit of circular technology, the Robelle programming tool for the HP 3000, Qedit for Windows, also knows a lot about Suprtool -- since Supertool is also a Robelle product.)

"But today I don't use the HP 3000 much any more, nor Windows," Anderson added. "For years Programmer Studio kept me tethered to Windows as my favored editor. Recently I've started using JEDIT on Linux. JEDIT doesn't know how to access the HP3000, so for that I still use Windows along with Programmer Studio."

Continue reading "Program for legacy with a legacy dev tool" »


How app portfolios increase career value

PennyplantGetting an HP 3000 back into discussion at the boardroom level can be tough. In a lot of places still running MPE/iX applications, the programs that drive company computing have become invisible as the grain in a fine piece of wood that makes up a boardroom table. Application Portfolio Management (APM) can be a means to increase the visibility of HP 3000s.

And if that visibility leads to a more energized transition plan — because now the executive management sees how vital the MPE/iX application is to meeting company goals — that's a good thing as well. Retiring out with the HP 3000 is an option for some managers. For many others, outlasting the server is becoming the genuine challenge. Leaving a legacy as an IT pro, instead of the just the 3000 expert, is one way of nurturing a career.

You have to know how to treat applications as assets, to frame software as if it's as essential as cash on hand for a company. APM doesn't get cited much by the 3000 manager who's been a technologist to deliver value to a company. This is the business side of business computing. Learning more about it gives a manager a greater skill set. Best of all, these practices make it easier to justify IT acquisition and expansion and yes, even a migration with its profound expense.

Tomorrow (April 24) at 2PM Eastern Time, MB Foster is leading a 45-minute webinar with time for questions about APM as part of its bi-weekly Wednesday Webinars. "Do you want executive management to understand the condition of IT applications -- built, bought or accumulated through M&A, or acquired for a specific need -- and how they grow the business and how they affect future budgets?" The answer to that would probably be yes, just to ensure that the asset called the HP 3000 applications get their accurate valuation.

Continue reading "How app portfolios increase career value" »


Comparing Costs of Staying for 5-10 Years

Keep-Calm-Stay-PutLast week's CAMUS online-phone RUG meeting included a comprehensive exam of staying on MANMAN for at least another five years. The proposal, outlined by Terry Floyd of the Support Group, showed a cost exceeding $40,000 a year to keep running an HP 3000 with the ERP application plus crucial support for hardware and all software.

His estimation, for a Series 939 low-end system with 30 users' worth of MANMAN (all numbers are annual)

Hardware support - $5,000
MPE/iX support - $2,000
MANMAN application support - $10,000
Support for vendors of third party software - $10,000, on average
Electric power and cooling - $12,000

Including miscellaneous costs of $3,000 yearly, that's a total of $42,000 to stay on MANMAN each year. "That doesn't even include salaries," Floyd said. "These are costs directly related to MANMAN." One user pushed back on the third party software support costs, saying the estimate was low.

One way to cut back on these costs would be to run MANMAN on the cloud, Floyd said. This development, if it ever emerges for the MANMAN community, would be via the Stromasys emulator, which sits in a Linux cradle. Linux is even supported by the HP Cloud, a newcomer to the virtual server vendor lineup. (HP-UX is not supported). The cloud reduces hardware-related expenses and wipes out electrical, versus a cost of $200 a month per user.

(Stromasys officials on the call said they thought Floyd may have been referring to one of the possible options for people wanting to migrate off the 3000. There's been no testing or instances of the emulator running from a cloud service yet.)

So while looking at the numbers and the state of 3000-based cloud options, one of the larger points that Floyd made in his review is that MANMAN, even today on current 3000 hardware, could remain a viable place to stay with manufacturing IT -- so long as the ERP instance has up to date modifications for interfaces and integration, properly documented so they don't become tribal knowledge. Plenty of MANMAN sites have modified their application. Mods are part of the MANMAN Way.

Continue reading "Comparing Costs of Staying for 5-10 Years" »


Where Everybody Knows Your CPUNAME

CheersThe iconic TV show Cheers splashed a theme song about the fictional Boston tavern every Thursday, way back in the 1980s. It was a drinking outpost "where everybody knows your name, and they're all so glad you came." If attendance works out well for Stromasys at its HP 3000 Social -- four weeks away -- they're likely to have the same sort of turnout. The Tied House will be a place where everybody knows your name because so many will be familiar to each other. That's what more than three decades of community gives you.

This week the blue and white postcards arrived in mailboxes announcing the combination of Social and Training May 9-10. We found one in our mailbox, but word of the event is spreading beyond the reach of the US post. Vladimir Volokh of VEsoft called to report he'll be at the Tied House. Neil Armstrong, developer and curator of Suprtool, has also been tracking the event closely.

These VIPs of your community will be joined by people experienced in 3000 matters who seek a way around aging HP hardware for MPE. And there will be some stopping by to see the names that they know and meet new ones with something in common. Everybody there will be listening for news about licensing. Right now this is a rare brew that prospects are thirsting for if they want to emulate a production machine.

Continue reading "Where Everybody Knows Your CPUNAME" »


How Ending Support Might Change Things

If the above subject seems obvious, then the story of the HP 3000 and MPE has had moments to refute it, as well as prove it. Hewlett-Packard considered the end of its vendor-priced support to be the ultimate change in 3000 ownership. If HP wouldn't support MPE and the 3000, who'd use it?

That one is filed as a refute -- several thousand companies have relied on 3000s and MPE over the four-plus years since full HP support ended. Even as a government-required archival system, the computer outlasted the end of HP support.

CliffBut in proof of ending support as a trigger of change, we offer the case of the disappearing database. No, not IMAGE, still wired to this day with elegance into the MPE filesystem and 3000s. No, we're examining Oracle here. Many IT managers consider Oracle to be the industry leader. So if its support drove off the 3000 cliff, and so dropped off for MPE after Y2K, didn't that deal a crashing blow to the user community?

One manager who wants to remain anonymous, but still tends to a 3000, told us this week that he believes it was true. "I asked HP people at a trade show if they had heard how Oracle, recently in court and in the news, began the demise of MPE -- when in a previous pre-Sun business decision, they announced end of support for Oracle on MPE?"

Yes, the end of this support did change the 3000's future -- at HP. In the early 1990s HP was hoping that IMAGE would become only one of several database options for the servers, and so it tried to unbundle the custom-tailored IMAGE from MPE. This was meant to make room for the likes of high-dollar Oracle, or other databases which had not made the port to the 3000. HP wished they would do so. Hewlett-Packard's 3000 group pined for SQL Server on MPE.

But Oracle never was thrilled to be part of the 3000 ecosystem. There was so much more profit to be had in the Unix world, or up on IBM mainframes. In 1985 I was reporting on rumors that Oracle was moving to what we were still calling MPE V at the time. The Oracle VP I reached had a question for me. "Why in the world would we do that?"

Continue reading "How Ending Support Might Change Things" »


HP hardware: bargain, but needed now?

It's an interesting time for 3000 hardware these days. Prices have dropped severely for unlicensed HP iron. Meanwhile, there's a no-cost way to use a computer to run MPE/iX, thanks to the Charon HPA/3000 emulator, Model A202, freeware edition. Times are plentiful for ways to run MPE software, if the license is not much of an issue.

The HP-brand hardware is flowing so freely that I had a reseller ask if I wanted to buy an N-Class at an astounding price. Nothing that the rest of the public couldn't get off eBay. However, in that offer anybody would have to come up with their own license for MPE/iX.

Nothing's perfect this year about acquiring an MPE server. On one hand you have the option of real HP iron, power-hungry but the genuine engine. However, the HP-badged boxes need disks and memory and components in reserve for real support, the kind of items that a system manager would scavenge from things like an $1,800 N-Class. A support contract for MPE, as well as the hardware, is part of that equation. If you've got an MPE/iX license, let's just say it's about a $2,000 investment, plus the ultra-important hardware-MPE support contract purchase. 

And you need that MPE/iX software support no matter what you're doing, unless you've got enough experience to be selling those services yourself.

The bottom line on an emulated, virtual HP 3000 is higher, unless you're freewaring it. You can expect there are nominal consultants -- retired but available -- who'd use the A202 to discover bug fixes and workarounds. The better ones will have the real HP iron, running tiny, 9GB LDEV 1 disks. The beefiest drive you can put in a 3000 is 146 GB.

But I have to admit, I thought for awhile about that offer of an N-Class for under $2,000. It was a kind of a "get it while you can, the price won't be better than this" sort of decision. For a production or a development shop, it's likely to be different. A manager could figure that a 5-figure cost to acquire Charon emulator software, plus support for it, could be balanced against the cost to maintain a stable parts depot. Emulation installs mean that hardware support goes way down, to about $100 a year for a typical Intel-Linux box. But adding any kind of 3000, emulated or iron, to our offices would be news. Operating my own MPE system has never been a part of my 28 years of working in our community.

Continue reading "HP hardware: bargain, but needed now?" »


Why There are Always Parts Available

N-Class 220Last week on the 3000 newsgroup, HP hardware supplier Cypress Technology was offering an N-Class HP 3000 for $1,800. Cypress was even including an option to custom-configure the server at that price. The 3000 was selling without a license that could be transferred. But even this kind of investment would make an adequate disaster recovery system, given that it has a copy of MPE/iX already loaded on it. Even more useful would be the parts from the server -- a value at $1,800.

The Cypress box is a single 220MHz CPU with a 1.5Mb cache, 4GB total memory, a 9GB boot disk drive (how quaint; just a bit larger than a $7 thumb drive of today) and a 147GB main storage disk drive.

Hewlett-Packard once told the 3000 community that the vendor could provide custom legacy support through 2010, but the offering would depend on parts availability and the age of the HP 3000. But older systems might have parts which are no longer on the HP warehouse shelves.

But no matter how old the HP 3000 might be in your shop, you can be reasonably sure that spare parts will not prevent you from keeping it working. Five years ago this month, Wyell Grunwald offered a "practically free" HP 3000 on that same 3000 newsgroup. All that Grunwald wanted was the cost of shipping to send the 200-pound server onto its new home.

After one quip about this early '90s server making a good bookend, another community member said they could use the system for parts. Imagine, an HP 3000 PA-RISC server built in 1990 — yes, 23 years ago — still has parts available in your community.

Continue reading "Why There are Always Parts Available" »


SM for Everyone!

By Bob Green

Vladimir Volokh of VEsoft fame called us to pass on an interesting story.

RobelleTechHe was doing MPE system and security consulting at a site. One of his regular steps is to run VESOFT’s Veaudit tool on the system. From this he learned that every user in the production account had System Manager (SM) capability!

Giving a regular user SM capability is a really bad thing. It means that the users can purge the entire system, look at any data on the system, insert nasty code into the system, etc. And this site had just passed their Sarbanes-Oxley audit.

Vladimir removed SM capability from the users and sat back to see what would happen. The first problem to occur was a job stream failure. The reason it failed was because the user did not have Read access to the STUSE group, which contained the Suprtool "Use" scripts. So, Suprtool aborted. 

“Background Info Break”

For those whose MPE security knowledge is a little rusty, or non-existent, we offer a a helpful excerpt from Vladimir’s son Eugene, from his article Burn Before Reading - HP3000 Security And You – available at www.adager.com/VeSoft/SecurityAndYou.html

Continue reading "SM for Everyone!" »


Stromasys Social meets at historic brewery

The free HP 3000 Social next month on May 9 -- prelude to the first free Stromasys Training Day on May 10 -- will take place in a private section of the Tied House Brewery and Cafe at 954 Villa Street in Mountain View. The official Stromasys webpage for this spring's Social+Training event promises heavy appetizers and free drinks at the Social, starting at 6 PM.

Tied HouseThe Tied House website reports that the bistro is the 4th oldest microbrewery in California, and Silicon Valley’s original microbrewery. The cafe and brewery share the same building, with the Clubhouse mug wall on one side and the brewing operation on the other. After pouring 10 million pints since 1988 -- and sending a coaster into space with NASA astronauts -- Tied House beer awards include Gold, Silver, and Bronze medals from the Great American Beer Festival, plaques from the World Beer Cup, and First Place Gold from the California State Fair.

The microbrewery is a 5-minute drive from the Computer History Museum on Shoreline Drive, where the Friday May 10 training takes place. A free lunch will be served during the 10-4 training that day. You can make your reservations for the Social -- as well as the next day's training on the world's only HP 3000 emulator -- at the Stromasys event's webpage, www.stromasys.com/hp3000event

Continue reading "Stromasys Social meets at historic brewery" »


Fast Text Searches speed new Eloquence

Marxmeier Software AG has announced the Eloquence B.08.20 release candidate is available for downloading from the Eloquence web site. Testing was expanded for this IMAGE-workalike database, after a beta period during 2012, and "and we incorporated customer feedback," said company president Michael Marxmeier. The extra development time yielded some details and improved documentation.

A B.08.20 production release of this replacement database for IMAGE applications migrated to Windows, Unix or Linux, "is expected to be available shortly and should be identical to the release candidate."

As we noted here in our 2012 summertime reports, Eloquence 8.20 introduces new functionality and enhancements in various product components. Most noticeable are

• Database full text search, adding fast and flexible search engine capabilities to the Eloquence database.

• Various database enhancements, including support for protected  password files, repacking a database and improvements to  replication management.

• Support for converting PCL output of existing applications to PDF documents on the fly.

UDALink-EloquenceEloquence, a software solution more in line with HP 3000 budgets than Oracle or SQL Server, also has its own programming language. The company said that substantial improvements to the language include syntax enhancements, supporting path to access files, class methods, external classes, and on-demand loading of program code.

"Now is the perfect time to familiarize yourself with the new release," Marxmeier said. "Download a copy and try out new features or enhancements. We are happy to provide temporary license keys to try out optional features."

Continue reading "Fast Text Searches speed new Eloquence" »


HP launches Moonshot, chairman Lane

MoonshotRay Lane was brought in to Hewlett-Packard's board to refocus HP on the software marketplace. The company could see that the era of hardware margins was fast declining, and all of the highest hopes were aimed at the non-physical product. The actions to purchase Palm for its WebOS, as well as Autonomy for five times as much as that $2 billion, were the realization of a long-time HP dream.

Back in 1990 I rode a tour boat into San Francisco harbor. As a reporter for The Chronicle, I was being hosted for the HP CIMinar, where the CIM stood for Computer Integrated Manfacturing. Hewlett-Packard had a press liasion, Charlie Preston, who told me that the company pined for a day when it would manufacture little to nothing.

"It's all in software and services, Ron," he said. The boat was having a hardware failure at the time, a total loss of power within sight of the famous San Francisco Embarcadero Pier. While we bobbed and they kept filling our glasses, Charlie explained that the real power of computing was in services, aided by software. "In 10 years we don't want to be manufacturing much, including computers," he said.

One extra decade later, HP seems to be taking steps away from a virtual computer resource. Last week's exit of board director Ray Lane from the HP Chairman's seat seems proof enough that software has had its bumpy road of acquisitions. Hewlett-Packard didn't get its cart in the ditch without some risk-taking leadership. Lane arrived after years of Oracle work, savvy and a kingmaker. He remains on the HP board, but new leadership will be launching about the same time as the newest of HP hardware, the Moonshot servers.

Continue reading "HP launches Moonshot, chairman Lane" »


Good tools making an impact, then and now

By Brian Edminster
Applied Technologies

I was always jealous of shops that could afford good tools.

Let me explain. Awhile back, I read about HP's history of trying to launch a successor to IMAGE. It was supposed to be called HPIMAGE.  It was supposed to be slicker than... well, it was supposed to have all the ability to dynamically index and/or restructure your data that a modern SQL relational database managment system allows, without losing the speed and robustness that makes TurboIMAGE famous. I can recall a few times that having the ability to dynamically restructure a database (while it's in production!) would have been handy. (See: zero downtime) 

Then again, a well designed database in a stable application normally shouldn't need that sort of thing with any sort of regularity. Lately, I'm seeing the need to re-structure/alter indexing as a symptom of not knowing your data's demographics and/or designed usage patterns -- especially as the application's data volumes grow.  

This need to restructure is also a side-effect of trying to use a single database both as an operational data store (current data only, for day to day production), as well as for research/reporting data warehousing -- where the data is relatively static, but may go back years. Again, that's lazy design. Don't try to make a sports car have the hauling capacity of a truck. You'll end up with neither.

What changes we did need to make, were done with:

1) DBUNLOAD/DBUTIL, PURGE/DBSCHEMA/DBUTIL, CREATE/DBLOAD -- if we were poor (and couldn't afford Adager or other similar tools), or

2) DICTDBU/DBUTIL, PURGE/DBSCHEMA/DBUTIL, CREATE/DICTDBL. This allowed unloading to a tape or disk file -- so if we had enough free space, we could skip using tape, and it was much faster!  Also allowed simple re-structuring of the database.

We could do the adding, moving, deleting, and changing the type of datasets; and adding/removing paths, and/or re-arranging order of items in a set. Unfortunately, this was only present if we were lucky enough to be users of Dictionary/3000, or the HP Customizer technology products like MM or HP's Financial software.

3) Best and fastest of all, Model 2 Adager. This even allows transforming the data types, in addition to adding new elements or sets.

But there are still very useful tools that remain on any HP 3000 which still has Predictive Support. Tools you might not know you’ve got.

Continue reading "Good tools making an impact, then and now" »


Stromasys to get social to train for Charon

Stromasys-SocialThe creators of the Charon HPA/3000 emulator are rolling out their community carpet in earnest next month. Stromasys is hosting a HP 3000 User Social on Thursday, May 9 -- one month from tomorrow --  and then training at the Computer History Museum the next day, on May 10.

There is a free lunch. In fact, there's a free social on the evening before the training, starting at 6, where refreshments will be on hand, along with 3000 community members. If you couldn't make it to the first HP3000 Reunion in September 2011, this looks like another chance to reconnect in person with your community.

Continue reading "Stromasys to get social to train for Charon" »


Living a Privileged 3000 Life without SM

By Brian Edminster

After reading the article on the safe and prudent use of privileges from yesterday, the subject touched a nerve with me. I've seen too many HP 3000 sites which have SM (or PM) capabilities assigned to production account users. They don't need it, and it adds risk and insecurity to a 3000. Along the same lines of error, PM is granted on insufficiently secured groups where production programs reside.

That first mistake is usually an instance of using a sledgehammer to kill a fly, usually due to laziness or ignorance. But the latter is a sign of careless security, or ignorance. The misuse of MPE/iX privileges is often triggered because application programmers are too lazy (or ignorant) of ways to properly design their applications. They could use the incredibly powerful and finely granular security provisions that MPE/iX allows to avoid this.  

At the least, they could instead have used a lockworded copy of what is commonly known in the 3000 community as the 'GOD' program. This lets the manager who invokes it temporarily gain 'SM' -- much like the 'su' (superuser) command in your favorite flavor of Unix does.  If something with finer granularity is needed, perhaps this is an opportunity for someone to port at least the concept of 'sudo' to MPE/iX.  

Continue reading "Living a Privileged 3000 Life without SM" »


Privileges litter the path to passed audits

Yesterday we studied the ways that migrated HP 3000 data can become forgotten while making provisions for an audit. Since some HP 3000s work as mission-critical servers, these active, homesteading systems must weather IT and regulatory audits. The 3000 is capable of passing these audits, even in our era of PCI, HIPAA and Sarbanes-Oxley challenges — all more strenuous than audits of the past.

However, establishing and enforcing a database update procedure is a step onto filling the gap in the security of an MPE/iX system. HP 3000 managers should take a hard look at how their users employ System Manager (SM) privileges. (Privileged Mode, PM, and System Supervisor OP should also be watched. Overall, there can be 21 capabilities to each user.) In their most strict definition, those privileges can expose a database. Hundreds of users can be created at Ecometry sites; even seasonal help gets SM users, according to one consultant's report, users which are seldom deleted after the holiday has passed. One site had a script to create new users, and each had PM capability, automatically.

VEAudit from VEsoft, using its LISTUSER @.@ (CAP("SM")) filter, can give you a report of all of the SM users on your HP 3000. You can even ask for the SM users where password="". (Now there's a good list to find: SM users who have no passwords.) There is no MPE command that will do such things, we are reminded by VEsoft co-founder Vladimir Volokh. Even after more than three decades of his business as a 3000 software vendor, he also offers consulting on MPE operations and management, and still travels the US to deliver this. 

Privileges are often a neglected aspect of 3000 operations, especially when the system's admin experts have moved on to non-3000 duties, or even to other companies. (Then there's the prospect that nobody knew how to use privileges in the first place.) Some SM users have disturbed the integrity of 3000 databases. It's easy to do accidentally. A creator of a database can also update a 3000 database — a capability that can foul up a manager's ability to pass some audits.

 

If you are worried about arbitrary access via QUERY, you can "disable subsystem access" via DBUTIL. This will, of course, only disable the access on QUERY.

Some less-adept auditors can also demand that a database's password be changed every 90 days. It's quite impossible to do, considering the database password is built into every application program.

So a database's security might be compromised through SM privileges, but it depends on the meaning of "update." This term can be construed to be as restrictive as using DBUPDATE to change an entry. It can also refer to UPDATE access DBOPEN MODE 2. 

To get very specific, an update can mean that the modify date has been changed in the file label of one or more IMAGE-related files. In a very general definition, an SM user can update the database simply by way of a restore from tape. (OP privileges permit this, too.)

Auditors sometimes ask broad questions, the sort of inquiry that fits better with the everyday use of HP 3000s in an enterprise. But for MPE/iX experts, "update" means any kind of modification capability.

So you can answer your auditor's question and say "no, SM privileges don't permit any of our users to update a database in another 3000 account." This answer is true, to the extent that the auditor's concern is about changing data — not just making a minor date change or using DBOPEN MODE 2. For auditors without MPE/iX and IMAGE expertise, well, they might not go so far in their examinations.

As for the SM user's ability to muck up an IMAGE database, it’s a mistake that is not difficult to make. An SM user who obtains a database password can corrupt an IMAGE database just by using the restore command. We’ve heard a story that such a user might explain, "Oops, I thought I was signed onto the test  account."

It's important to make a system fool-proof, because as Vladimir says, "fools are us." 


Decommissioned data forgotten in migration

"It's the most forgotten piece of the migration puzzle," said Birket Foster while he recently led a webinar on best experiences with 3000 transitions. "People are not always remembering that at the end of the day they want to shut off the old 3000."

ForgottenmanWhat Foster means is that even after removing data -- the most essential 3000 and company resource -- project managers need to track what data they must keep to satisfy an auditor. Many companies will still need long term access to historic data. That's either a 3000 and its services that can be outsourced from a third party, or maybe even an emulator virtualization of a 3000, perhaps based in a cloud. Some audits demand that the original 3000 hardware be available, however -- not an Intel-based PC doing a letter-perfect hardware emulation.

After the Great War, the returning soldiers were not welcomed as productive citizens ready to return to work. This kind of veteran was called The Forgotten Man, from Golddiggers of 1933. Perhaps the information in aging 3000s is marching in the same kind of veteran step.

Managers have to consider if they want to move their forgotten 3000 data after a migration, or leave it in a searchable format -- several questions to consider for an auditor's satisfaction. Many 3000 sites we've interviewed have a 3000 running for historical lookups. This is the sort of task that would meet the needs of an audit.

Continue reading "Decommissioned data forgotten in migration" »


CAMUS schedules Spring webinar for April

The ERP and manufacturing user group CAMUS will host its every-springtime user group event on April 17, including discussion about the future of MANMAN led by community advocate and 3000 veteran Terry Floyd of the Support Group.

Camus_logo-r (1)Terri Glendon Lanza, the founder of the Ask Terri ERP and manufacturing consultancy, has announced the call-in and PowerPoint meeting, which will begin at 10:30 Central US time. After an hour of talk and questions about the upcoming years for one of the oldest MPE applications -- still running in several hundred companies -- 3000 homesteading advice starts at 11:45.

Steve Suraci, owner of support and systems provider Pivital Solutions, talks first about Resources for Homesteading. Tom Bollenbeck of Ideal Computer follows up, on the same topic, at 12:05.

The user group's traditional and lively Talk Soup puts a signature on the meeting, which is free. An open discussion is scheduled to start at 12:25. You sign up at the Sign Up Genius website.

Up for discussion: MANMAN Modifications, and a possible CAMUS give-away. "Help us outline contents, actions, or a submission list for modifications with financial assistance from CAMUS," Lanza said in her April 2 announcement. "We could talk about the emulator during the open discussion if you want. Everyone is welcome."

Continue reading "CAMUS schedules Spring webinar for April" »


Pontiff annoints future for old 3000 disciples

1929-mitre-smSpreading his message of hope for disadvantaged communities, newly-appointed Pope Francis gave an Easter address yesterday that offered promise for computer groups beating back injustices. "This is the age of miracles," the Pontiff said in a special high-band broadcast on the new social network Chirpify. Leaders of the HP 3000 homesteading community seized on the proclamation as proof that almighty forces were now at work to turn back the clock of change.

"We're on a mission from god," said 92-year-old Leonard Frapp, the engineer who coined the phrase minicomputer in 1967 after the miniskirt took the world of fashion by storm. "It's a lot sexier than those damn mainframe togs," he said of that creation that made white lab coats passe within a few seasons. "With this, we're using so little server fabric we don't even need a mini -- just a see-through virtualizer. Best of all, I can buy one of these virtual 3000s on Chirpify with my Galaxy phone." While grabbing a spoon, he added it was easiest to buy using the Jimmies with Whipped Cream Android release.

As the Pontiff launched a worldwide tour to spread the message of living on less, the new Pope booked his own reservations for a trip to Mountain View, California, where Stromasys conceived the immaculate idea of hosting the first HP 3000 Social and Stromasys training seminar in early May. Special Emissary for his Holiness Rev. Duce Scholdaduci said the trip will include air travel between New York and the Bay Area on Jet Blue. The pope will sit in the emergency exit row on the trans-American flight, since he's infallible about the safety of  a commercial trip managed by an application created using MPE/iX.

"Hoc genus maxime est via amet," the pope said yesterday from his Twitter account, reaching out to explain why he was breaking with tradition of flying in his own jet in a special visit to the 3000 social. The phrase translates to "This is the most affordable way to go," although it was unclear if the Pontiff was describing the emulator or the coach-class low fares to the Bay Area during May via Jet Blue. The flight will offer a special Vatican Channel on the jet's in-flight entertainment in seat-backs.

Continue reading "Pontiff annoints future for old 3000 disciples" »