shmuel+ibm-m...@patriot.net (Shmuel Metz , Seymour J.) writes:
Fishing with dynamite, are we? OS/360 had so many holes[1] that most
people lost count. Take ISAM - please.
MVS may have holes, but it's harder to find them and IBM is willing to
fix them. It's my fault that the operator can no
re:
http://www.garlic.com/~lynn/2010j.html#32 Personal use z/OS machines was Re:
Multiprise 3k for personal Use?
it was also about the time that the corporation hired a new CSO, long
distinquished career in gov. ... things like having been head of
presidential detail; knew a lot about physical
In 4c0f05b8.2030...@ync.net, on 06/08/2010
at 10:08 PM, Rick Fochtman rfocht...@ync.net said:
OS/360 had a FREEDBUF macro that could SYNCH to a user-supplied exit
in Supv. state Key-0. IIRC, it was part of BDAM.
Fishing with dynamite, are we? OS/360 had so many holes[1] that most
people lost
In 643814fdcaa74b54b6f94196472ef...@pinnacledesk1, on 06/08/2010
at 05:36 PM, Pinnacle pinnc...@rochester.rr.com said:
It would be nice if someone actually documented a hole, instead of
all the urban legends we hear.
I document security holes in IBM software when I report them to IBM. I
From: Andy Wood woo...@ozemail.com.au
To: IBM-MAIN@bama.ua.edu
Sent: Tue, June 8, 2010 6:20:57 PM
Subject: Re: Personal use z/OS machines was Re: Multiprise 3k for personal Use?
On Tue, 8 Jun 2010 17:36:03 -0400, Pinnacle
pinnc...@rochester.rr.com wrote
Rick Fochtman pisze:
-snip--
It would be nice if someone actually documented a hole, instead of all
the urban legends we hear. Outside the magic SVC, or a trusted person
planting malware in an APF library, I don't know of any
On Tue, 8 Jun 2010 20:14:29 -0400 Pinnacle pinnc...@rochester.rr.com wrote:
:same thing. Authorized code can hack MVS, unauthorized code can't.
The security exposures exist when the authorized code trusts an address
passed by unauthorized code.
Authorized code cannot trust anything provided
Pinnacle wrote:
Tony,
Thank you for at least posting two concrete examples of past holes.
There was a recent article in zJournal about hacking z/OS, but it was
disappointing, limited to what we've discussed here. The article
quoted a number of noted gurus (some on this thread), and they
On Wed, 9 Jun 2010 06:01:51 -0700, Edward Jaffe wrote:
I wonder if anyone was able to exploit SMP/E to run arbitrary code in a
privileged state?
You're cruel.
Integrity exposures, like pregnancy, are pretty much devoid of
degree. If a program gets in KEY 0, it can modify system control
blocks.
On 9 Jun 2010 06:38:50 -0700, in bit.listserv.ibm-main you wrote:
On Wed, 9 Jun 2010 06:01:51 -0700, Edward Jaffe wrote:
I wonder if anyone was able to exploit SMP/E to run arbitrary code in a
privileged state?
You're cruel.
Integrity exposures, like pregnancy, are pretty much devoid of
want to find vulnerabilities
and crack the system? For security purposes are we better off with
some kind of regulated hobbyist access to z/OS running under z/VM at
data centers?
re:
http://www.garlic.com/~lynn/2010j.html#14 Multiprise 3k for personal Use?
http://www.garlic.com/~lynn
:
Multiprise 3k for personal Use?
also csc/vm email
http://www.garlic.com/~lynn/2006w.html#email750102
jan75, a couple engineers from POK came up to science center to talk
about doing a 5-way SMP skunkworks effort.
in the morph from cp67 to vm370 ... there was a lot of simplification
and dropping
On 7 Jun 2010 16:31:17 -0700, in bit.listserv.ibm-main you wrote:
-snip
Well I hate to look like a solicitor, but, if there is anyone out there,
particularly in the Houston area, with a multiprise (actually, any mainframe
for that matter, I
On Tue, 8 Jun 2010 22:12:29 +0200 (CEST), starwars
nonscrivet...@tatooine.homelinux.net wrote:
Holes in 3rd party products do not equal holes in z/OS. Get the vendor to
fix his mess.
I don't know if this is necessarily true.
-From an installations point of view all code that runs in system
key (0-7), supervisor state, or has the ability to do so:
-Should be considered part of the operating system (system
extensions if you like).
-Has the ability to circumvent the installation implemented
- Original Message -
From: barryschra...@cs.com
Newsgroups: bit.listserv.ibm-main
Sent: Tuesday, June 08, 2010 5:28 PM
Subject: Re: Personal use z/OS machines was Re: Multiprise 3k for personal
Use?
On 8-Jun-2010, Howard Brazee howard.bra...@cusys.edu wrote:
Holes in 3rd party
On 8 June 2010 17:36, Pinnacle pinnc...@rochester.rr.com wrote:
It would be nice if someone actually documented a hole, instead of all the
urban legends we hear. Outside the magic SVC, or a trusted person planting
malware in an APF library, I don't know of any holes. Please share.
Well no
On Tue, 8 Jun 2010 17:36:03 -0400, Pinnacle
pinnc...@rochester.rr.com wrote:
. . .
Barry,
It would be nice if someone actually documented a hole, instead of all the
urban legends we hear. Outside the magic SVC, or a trusted person planting
malware in an APF library, I don't know of any holes.
- Original Message -
From: Tony Harminc t...@harminc.net
Newsgroups: bit.listserv.ibm-main
Sent: Tuesday, June 08, 2010 5:56 PM
Subject: Re: Personal use z/OS machines was Re: Multiprise 3k for personal
Use?
On 8 June 2010 17:36, Pinnacle pinnc...@rochester.rr.com wrote:
It would
-snip--
It would be nice if someone actually documented a hole, instead of all
the urban legends we hear. Outside the magic SVC, or a trusted person
planting malware in an APF library, I don't know of any holes. Please
share.
--snip--
Well no one is going to step up and document a current hole that they
may know about. Two holes I happen to know of that were fixed so long
ago that it can't possibly matter now, are the whole GAM implementation,
which
Clark Morris pisze:
[...]
In one sense, we need to be careful about what we ask for. Do we want
z/OS to be easily available to those who want to find vulnerabilities
and crack the system? For security purposes are we better off with
some kind of regulated hobbyist access to z/OS running under
access to z/OS running under z/VM at
data centers?
re:
http://www.garlic.com/~lynn/2010j.html#17 Personal use z/OS machines was Re:
Multiprise 3k for personal Use?
the question of security thru obscurity comes up periodically in
relation to provable cryptography ... usely related to terms like
The following message is a courtesy copy of an article
that has been posted to bit.listserv.ibm-main,alt.folklore.computers as well.
re:
http://www.garlic.com/~lynn/2010j.html#17 Personal use z/OS machines was Re:
Multiprise 3k for personal Use?
http://www.garlic.com/~lynn/2010j.html#18
-snip
Well I hate to look like a solicitor, but, if there is anyone out there,
particularly in the Houston area, with a multiprise (actually, any mainframe
for that matter, I mean it depends, but if you have ANYTHING talk to me)
that is
-snip--
Security through Obscurity Isn't -- A semi-anonymous Security Maven, a
few years back
--unsnip
Security through honest and trustworthy staffers IS ---
On 3 Jun 2010 10:42:16 -0700, in bit.listserv.ibm-main you wrote:
Well I hate to look like a solicitor, but, if there is anyone out there,
particularly in the Houston area, with a multiprise (actually, any mainframe
for that matter, I mean it depends, but if you have ANYTHING talk to me)
that
In one sense, we need to be careful about what we ask for. Do we want
z/OS to be easily available to those who want to find vulnerabilities
and crack the system? For security purposes are we better off with
some kind of regulated hobbyist access to z/OS running under z/VM at
data centers?
On Sun, 6 Jun 2010 14:29:32 -0400, William Donzelli wrote:
In one sense, we need to be careful about what we ask for. Do we want
z/OS to be easily available to those who want to find vulnerabilities
and crack the system?
This is admitting defeat; acknowledging that z/OS is so riddled
with
On Sun, 6 Jun 2010 14:29:32 -0400, William Donzelli wrote:
In one sense, we need to be careful about what we ask for. Do we want
z/OS to be easily available to those who want to find vulnerabilities
and crack the system?
Quoted improperly!
--
Will
On 6 Jun 2010 13:19:57 -0700, in bit.listserv.ibm-main you wrote:
On Sun, 6 Jun 2010 14:29:32 -0400, William Donzelli wrote:
In one sense, we need to be careful about what we ask for. Do we want
z/OS to be easily available to those who want to find vulnerabilities
and crack the system?
This
Security through Obscurity Isn't -- A semi-anonymous Security
Maven, a few years back
B
On Sun, Jun 6, 2010 at 3:47 PM, Clark Morris cfmpub...@ns.sympatico.ca wrote:
On 6 Jun 2010 13:19:57 -0700, in bit.listserv.ibm-main you wrote:
On Sun, 6 Jun 2010 14:29:32 -0400, William Donzelli
I think those that are paranoid, are overly so.
Just because an OS is available for public use doesn't make it available for
cracking.
Not that I expect z/OS to ever be available!
-
Too busy driving to stop for gas!
--
For
eamacn...@yahoo.ca (Ted MacNEIL) writes:
I think those that are paranoid, are overly so.
Just because an OS is available for public use doesn't make it available for
cracking.
Not that I expect z/OS to ever be available!
there is folklore about various agencies requesting exact source that
W dniu 2010-06-03 00:52, Kevin Keith pisze:
Hi,
I know this idea might sound crazy, but I was wondering about the prospects
of an IBM mainframe for personal use. I'm aware of the hurdles considering
the Service Element (hard drives being detroyed, etc.) HMC, OSes, and other
problems. My
R.S. wrote:
W dniu 2010-06-03 00:52, Kevin Keith pisze:
Hi,
I know this idea might sound crazy, but I was wondering about the
prospects
of an IBM mainframe for personal use. I'm aware of the hurdles
considering
the Service Element (hard drives being detroyed, etc.) HMC, OSes, and
other
My latest Mainframe Blog post discusses acquiring and configuring a
personal mainframe:
http://mainframe.typepad.com/blog/2010/05/my-personal-mainframe-2010-edition.html
I tend to think that a used z890 (2086-110) is currently the ideal
personal mainframe, possessing an excellent balance of
On 3 June 2010 07:16, R.S. r.skoru...@bremultibank.com.pl wrote:
BTW: MP3K is relatively small, but not less affordable than big 9672.
Not less?
For the home user it's not only a question of acquisition cost. The
MP3000 is a great little box, because it is entirely self-contained
(DASD,
On 2 June 2010 18:52, Kevin Keith krfke...@gmail.com wrote:
I know this idea might sound crazy, but I was wondering about the prospects
of an IBM mainframe for personal use. I'm aware of the hurdles considering
the Service Element (hard drives being detroyed, etc.) HMC, OSes, and other
Thanks for the encouragement Tony. Like I said, I know of several z9s that
have been scrapped, that would've been perfect (they were ECs). You'd think
in a huge city like Houston, with all the industry, oil companies, etc, it
would be easy to find such things, but I've not had any luck yet.
-Original Message-
From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On
Behalf Of Tony Harminc
Sent: Thursday, June 03, 2010 10:30 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Multiprise 3k for personal Use?
On 3 June 2010 07:16, R.S. r.skoru...@bremultibank.com.pl wrote
On Thu, 2010-06-03 at 11:44 -0400, Tony Harminc wrote:
Doubtless somewhere a reader of these lists knows that the boss is
deciding that it's cleanup time for that dusty corner of the
datacentre
Well, you make me go and look. There across the parking lot, in an
attic over a farm equipment shop
d...@lists.duda.com (David Andrews) writes:
Well, you make me go and look. There across the parking lot, in an
attic over a farm equipment shop and accessible by forklift, still sits
a bus-and-tag 3088 CTC - plastic wrapped against the elements.
one of the battles my wife lost when she served
Well I hate to look like a solicitor, but, if there is anyone out there,
particularly in the Houston area, with a multiprise (actually, any mainframe
for that matter, I mean it depends, but if you have ANYTHING talk to me)
that is just going to waste that'll be trashed anyway, it would be
---snip-
For the home user it's not only a question of acquisition cost. The
MP3000 is a great little box, because it is entirely self-contained
(DASD, network, etc.) and because it runs on an ordinary household power
circuit.
---snip
Doubtless somewhere a reader of these lists knows that the boss is
deciding that it's cleanup time for that dusty corner of the
datacentre
Well, you make me go and look. There across the parking lot, in an
attic over a farm
Hi,
I know this idea might sound crazy, but I was wondering about the prospects
of an IBM mainframe for personal use. I'm aware of the hurdles considering
the Service Element (hard drives being detroyed, etc.) HMC, OSes, and other
problems. My question is where would one go about looking for one
:00 US/Canada Pacific
Subject: Multiprise 3k for personal Use?
Hi,
I know this idea might sound crazy, but I was wondering about the prospects
of an IBM mainframe for personal use. I'm aware of the hurdles considering
the Service Element (hard drives being detroyed, etc.) HMC, OSes, and other
We've got one sitting in the corner of the office computer room, holding floor
tiles in place. I suspect
others (closer to you) will be in similar situations.
I tried to get a couple of flavours of Linux running on it, but couldn't get
the comms side of it sorted.
Gave up in frustration.
Well I hate to look like a solicitor, but, if there is anyone out there,
particularly in the Houston area, with a multiprise (actually, any mainframe
for that matter, I mean it depends, but if you have ANYTHING talk to me)
that is just going to waste that'll be trashed anyway, it would be going to
50 matches
Mail list logo