Forgot your password?

Comment: zOS Maintenance and CAB (Score 1) 293

by jacobsm (#46777781) Attached to: Ask Slashdot: System Administrator Vs Change Advisory Board

I'm the zOS Systems Programmer at a Fortune 500 company. When we do system maintenance cycles our CRB just wants to know when the system environment is changing, not what's changing.

If anyone ever does want to know I do have detailed logs and a before and after image of the maintenance management database (SMP/E Consolidated Software Inventory) for them to peruse. They never do; since they don't understand zOS Systems Programming, and they shouldn't have to. It's their job to manage system availability and to ensure that proper testing and system validation activities were performed. It's my job to manage the environmental change.

For anyone who's foolish enough to ask for detailed documentation of every module, macro, load module, dataset, file in the Unix System Services file system that's being modified, well enjoy yourself.

What I won't stand for, is for someone to have veto power over what maintenance goes on. That's my decision, and since I'm the best person in the organization to decide, I do so.

Comment: Re:software (Score 1) 169

by jacobsm (#46683129) Attached to: Fifty Years Ago IBM 'Bet the Company' On the 360 Series Mainframe

You're 100% correct, but I'll add that it's very difficult to get management to bring in new people and give them the opportunity to learn from people who've had decades of experience in the technology and systems that the business depends on.

In my case I'm coming up on 36 years experience in the mainframe world, and I've got no one to teach my skillset to. As for people not wanting to work in a mainframe environment I've got a few comments that might help change their minds.

1) The mainframe isn't going away anytime soon.
2) Competition for jobs in the field is going to be on the side of the job seeker, not the employer once demand picks up (as we geezers retire) and supply of talent will be lower than for the more sexy IT positions.
3) According to the the free market system, if demand is high and supply low, prices rise. And in this case that means your salary.

Comment: Re:To be fair? (Score 2) 95

by jacobsm (#46488861) Attached to: Target Ignored Signs of Data Breach

Not only InfoSec, most warnings from the people who know up to the people who don't know, but have authority to act, or spend money are just ignored.

Several years ago I told Data Center management that a vital piece of hardware had reached end of life and needed to be replaced else we'd be at risk for a total system outage that might last for days.

They didn't want to spend the $30,000 dollars until they absolutely had to, so they ignored my recommendation. In the end, nothing bad happened, but it very easily could have and we'd have lost revenue in the millions of dollars, just so as not to spend money before they absolutely had to.

Comment: Re:Architecturally Insecure (Score 1) 116

by jacobsm (#46331093) Attached to: Complete Microsoft EMET Bypass Developed

I disagree. It's the direct descendant of S/360 and has about 50 years of steady product improvements built in. Malware, running with general user access rights cannot affect system processes in any way, and cannot alter(or read) any memory location that it doesn't have access to. The zSeries hardware, with the operating system is a powerful combination, that Windows and commodity hardware can't touch.

I'm a zOS Operating Systems Programmer with 35+ years experience, and while there have been published security and system integrity patches issued on occasion, Windows has it beat by a mile.

Comment: Architecturally Insecure (Score -1, Troll) 116

by jacobsm (#46330931) Attached to: Complete Microsoft EMET Bypass Developed

Windows, any version, is architecturally insecure. While it can be patched, you're never going to be able to completely eliminate the insecurities. Does Microsoft have a system integrity statement like this? I highly doubt it.

IBM’s commitment includes design and development practices intended to prevent unauthorized application programs, subsystems, and users from bypassing z/OS security – that is, to prevent them from gaining access, circumventing, disabling, altering, or obtaining control of key z/OS system processes and resources unless allowed by the installation. Specifically, z/OS “System Integrity” is defined as the inability of any program not authorized by a mechanism under the installation’s control to circumvent or disable store or fetch protection, access a resource protected by the z/OS Security Server (RACF®), or obtain control in an authorized state; that is, in supervisor state, with a protection key less than eight (8), or Authorized Program Facility (APF) authorized. In the event that an IBM System Integrity problem is reported, IBM will always take action to resolve it

Comment: Changes in technology always affects society. (Score 1) 347

by jacobsm (#44905453) Attached to: What Will Ubiquitous 3D Printing Do To IP Laws?

Laws have to change as technology makes them obsolete. That's not to say that people who have an interest in living in the past won't kick, scream and bribe their congress critters, but eventually they'll lose.

From Heinlein's Life-Line;

There has grown up in the minds of certain groups in this country the notion that because a man or corporation has made a profit out of the public for a number of years, the government and the courts are charged with the duty of guaranteeing such profit in the future, even in the face of changing circumstances and contrary to public interest. This strange doctrine is not supported by statute or common law. Neither individuals nor corporations have any right to come into court and ask that the clock of history be stopped, or turned back.

Comment: Deniability has been improved (Score 3, Insightful) 607

by jacobsm (#44770101) Attached to: NSA Foils Much Internet Encryption

Now that we know the NSA can intercept and decrypt any message, doesn't it also mean that they can change the message to whatever they want, re-encrypt it, and pull it out in a court of law as evidence?

If they do, or even if they don't, I can now say they did, and they can't prove they didn't.

% APL is a natural extension of assembler language programming; ...and is best for educational purposes. -- A. Perlis