John:
I worked in a shop where we did the same thing. The biggest problem we had was that we put labels on the disk in the center, and after a while the labels would fly off and they stuck between platters and screwed up the mechanism. But they were secure. Even WE couldn't read them. At that same shop we used 3420 POTTER tape drives with small tapes and large block sizes that SUCKED the tapes off the reels because you couldn't find an UNWRINKLED piece of tape to write a large block. When I started out in operations, the Payroll guy would come into the computer room with his payroll tapes, guard them with his life while creating the payroll, then take all of the tapes and stand by the printer while the reports and checks were being cut. Nobody was allowed near him. Then, as soon as he was done, he would take the old payroll master files, remove the external labels and put the tapes on the scratch pile and leave. Needles to say the operators and DEBE were busy for the rest of the day. And speaking of DEBE, I worked at one place where we actually had to log the start and end computer meter time for each shift. If you didn't log about 6 hours, they thought you were goofing off and you got called in. Most of the time on third shift when you started at midnight, you were done by 1:00 AM because everything bombed, but when you didn't move the meter by about 6 hours, you got in trouble. So....... most of the operators would start DEBE which as you know just looped till you cancelled it. Those guys were told they did a GREAT job. I refused to do it and got called on the carpet because I only logged about 2 hours. These companies had to spend MILLIONS and produced nothing. Ah ,,,,,,,the good old days. I figured I could write jobs that abended just as well so I went into programming. I couldn't even SPELL programmer but now I are one! LOL! Bill From: IBM Mainframe Discussion List <[email protected]> on behalf of John McKown <[email protected]> Sent: Friday, September 15, 2017 7:42 PM To: [email protected] Subject: Re: Would encryption have prevented known major breaches? On Fri, Sep 15, 2017 at 2:36 PM, Bill Wilkie <[email protected]> wrote: > What if your data was encrypted, you read it into a sort, put the sort > output to a data set where it was NOT encrypted, and someone copied it? Or, > they got it from sort work areas that were left on disk and not erased? > Does that count? > I was told of a company, back in the 3330 days, where the accounting dept had their own set of 3330 disk packs. All their data & their temporary data sets were on these packs. When the "secure" accounting cycle was running, a person from the department brought those pack down. The operators removed the normal temporary storage disks, then mounted the accounting data & work disks. When the cycle ended, the department person took the packs back to the accounting dept and locked them up in a safe. Now that was fairly secure. Oh, and the output was actually taken off the printer by the accounting person. This was in OS/MVT days, and there was no TSO on that system. > > > Bill > > > ________________________________ > From: IBM Mainframe Discussion List <[email protected]> on behalf > of Jesse 1 Robinson <[email protected]> > Sent: Friday, September 15, 2017 7:21 PM > To: [email protected] > Subject: Re: Would encryption have prevented known major breaches? > > I have to keep harping on this. The looming EU regulation on hacking is a > potentially huge legal liability. You cannot defend yourself in court by > arguing that you hire the best people. You can defend yourself only by > showing that the hacked data was encrypted. > > . > . > J.O.Skip Robinson > Southern California Edison Company > Electric Dragon Team Paddler > SHARE MVS Program Co-Manager > 323-715-0595 Mobile > 626-543-6132 Office ⇐=== NEW > [email protected] > > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[email protected]] On > Behalf Of zMan > Sent: Friday, September 15, 2017 12:16 PM > To: [email protected] > Subject: (External):Re: Would encryption have prevented known major > breaches? > > Hiring competent people. That's so 20th-century. Get with the program, man! > > On Fri, Sep 15, 2017 at 8:51 AM, John McKown <[email protected] > > > wrote: > > > On Thu, Sep 14, 2017 at 7:41 PM, Tom Brennan > > <[email protected]> > > wrote: > > > > > John McKown wrote: > > > > > >> IMO, encrypting data is a very good defense. Another good defense > > >> is hiring competent people rather than inexpensive people and > > >> giving them > > the > > >> time to design, code, and test their solutions. I don't have > > >> statistics, but many attacks are based on coding errors such as the > > >> infamous "SQL Injection" attacks. On the almost hilarious attacks > > >> which succeed > > because > > >> "whomever" didn't bother to configure the security on some piece of > > >> equipment, and left the administrator credentials as "admin/admin". > > >> Of course, the people & time requirements that I mentioned "cost too > much" > > >> and > > >> "delay time to market". Today's world is based on think up > > >> something in the morning, design over lunch, create before dinner, > > >> ship the next morning. > > >> > > > > > > Did you mention admin/admin because of this news report, or just > > > coincidence? > > > > > > https://nam04.safelinks.protection.outlook.com/?url= > http%3A%2F%2Fwww.bbc.com%2Fnews%2Ftechnology-41257576& > data=02%7C01%7Cbillwilkie%40hotmail.com%7C119fcd6b7a8a4006ca7d08d4fc6f > 0771%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0% > 7C636411001169882688&sdata=NoMB%2BXNEHgLO6qX0aYduhy5TP4x0ANW4Q > ugDNJVVHCc%3D&reserved=0 > > > > > > That was the reason. I just couldn't remember if it was Equifax or > > something else in the news recently; and I was too lazy to double check. > > > > -- > > UNIX was not designed to stop you from doing stupid things, because > > that would also stop you from doing clever things. -- Doug Gwyn > > > > Maranatha! <>< > > John McKown > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > -- UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. -- Doug Gwyn Maranatha! <>< John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
