In 05ea01d02ddc$927328a0$b75979e0$@mcn.org, on 01/11/2015
at 12:24 PM, Charles Mills charl...@mcn.org said:
Logica was a professional service bureau with a
professionally-maintained z/OS.
FSVO,
They got breached.
How?
One might infer that other MVS sites, and not just those with
lax
In 050701d02c6d$4c43bef0$e4cb3cd0$@mcn.org, on 01/09/2015
at 04:35 PM, Charles Mills charl...@mcn.org said:
A stitch in time saves nine.
Whoosh!
Let me rephrase that in simple terms. Have there been any successful
cracking attempts in the wild against real, present-day mainframes
that
@LISTSERV.UA.EDU
Subject: Re: Young's Black Hat 2013 talk - was mainframe tribute song
In 050701d02c6d$4c43bef0$e4cb3cd0$@mcn.org, on 01/09/2015
at 04:35 PM, Charles Mills charl...@mcn.org said:
A stitch in time saves nine.
Whoosh!
Let me rephrase that in simple terms. Have there been any
] On
Behalf Of Shmuel Metz (Seymour J.)
Sent: Sunday, January 11, 2015 12:31 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Young's Black Hat 2013 talk - was mainframe
tribute song
In 050701d02c6d$4c43bef0$e4cb3cd0$@mcn.org, on 01/09/2015
at 04:35 PM, Charles Mills charl...@mcn.org said
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Young's Black Hat 2013 talk - was mainframe tribute song
Do I know about a violation of the statement of integrity that IBM has not
addressed? No, of course not.
I am not certain that MVS exposures versus lax security is a black and
white dichotomy. It's easy
charl...@mcn.org (Charles Mills) writes:
I am not certain that MVS exposures versus lax security is a black and
white dichotomy. It's easy to look after the fact at any breach and say
aha! You should not have done X. I don't think the role of we security
practitioners is solely pointing out
In 54aae54e.7060...@acm.org, on 01/05/2015
at 01:26 PM, Joel Ewing jcew...@acm.org said:
But, the password encoding in the RACF data base only becomes a
security issue if READ access to the RACF data base itself is not
properly restricted by RACF.
The ironic thing is that while I have never
In 047801d0291f$5efb31f0$1cf195d0$@mcn.org, on 01/05/2015
at 11:39 AM, Charles Mills charl...@mcn.org said:
The fact is there have been several successful real hacks of
production mainframes, so some sort of real, present-day hacker
exposure is not unheard-of in the wild.
The Devil is in the
I had not heard (and do not fully believe) that the hashed password data
set is generally readable (UACC=READ?).
It is not clear what data set you are referring to. I believe the hashed
password is stored in SYS1.RACF, which should be UACC=NONE. I suppose I should
watch the video.
On 01/03/2015 09:23 PM, Paul Gilmartin wrote:
On Sat, 3 Jan 2015 10:13:21 -0600, Ed Gould wrote:
Indeed it was at least interesting.
I would be curious if IBM would like to comment on some of the
statements on how how RACF encrypts the passwords.
I disagree with how RACF encryption is done
, with disastrous results.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Joel Ewing
Sent: Monday, January 05, 2015 11:26 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Young's Black Hat 2013 talk - was mainframe tribute song
On 01/03/2015 09
://youtu.be/uL65zWrofvk
Anyway, it's about his efforts to do z/OS hacking.
Thanks,
Mark Regan, USNR-Ret, 1969-1991
- Original Message -
From: Pedro Vera pe...@us.ibm.com
To: IBM-MAIN@LISTSERV.UA.EDU
Cc:
Sent: Friday, January 2, 2015 12:35 PM
Subject: mainframe tribute song
Earlier
On Sat, 3 Jan 2015 10:13:21 -0600, Ed Gould wrote:
Indeed it was at least interesting.
I would be curious if IBM would like to comment on some of the
statements on how how RACF encrypts the passwords.
I disagree with how RACF encryption is done (at least by the
commentator)but I am not RACF
/OS hacking.
Thanks,
Mark Regan, USNR-Ret, 1969-1991
- Original Message -
From: Pedro Vera pe...@us.ibm.com
To: IBM-MAIN@LISTSERV.UA.EDU
Cc:
Sent: Friday, January 2, 2015 12:35 PM
Subject: mainframe tribute song
Earlier this year, they had a talent show at work. I foolishly
: mainframe tribute song
Great song.
While watching the video, I noticed that YouTube listed another video to watch:
Black Hat 2013 - Mainframes: The Past Will Come to Haunt You, by a Philip Young
and it's about an hour long.
It's available at:
http://youtu.be/uL65zWrofvk
Anyway, it's
Earlier this year, they had a talent show at work. I foolishly volunteered to
sing.
Please enjoy my mainframe tribute song!
https://www.youtube.com/watch?v=nQ__nvHJGLA
--
For IBM-MAIN subscribe / signoff / archive access
Brilliant. Thanks for sending it out.
On Fri, Jan 2, 2015 at 9:35 AM, Pedro Vera pe...@us.ibm.com wrote:
Earlier this year, they had a talent show at work. I foolishly
volunteered to sing.
Please enjoy my mainframe tribute song!
https://www.youtube.com/watch?v=nQ__nvHJGLA
Nice - I like the powerpoint with the 0C4.
Only 105 views? Something must be wrong with the youtube counter.
Pedro Vera wrote:
Earlier this year, they had a talent show at work. I foolishly volunteered to sing.
Please enjoy my mainframe tribute song!
https://www.youtube.com/watch?v
http://www.mxg.com/thebuttonman/boney.asp
In a message dated 1/2/2015 11:54:31 A.M. Central Standard Time,
s...@pscsi.net writes:
Brilliant. Thanks for sending it out.
--
For IBM-MAIN subscribe / signoff / archive
Thanks!
On Fri, Jan 2, 2015 at 12:46 PM, Ed Finnell
000248cce9f3-dmarc-requ...@listserv.ua.edu wrote:
http://www.mxg.com/thebuttonman/boney.asp
In a message dated 1/2/2015 11:54:31 A.M. Central Standard Time,
s...@pscsi.net writes:
Brilliant. Thanks for sending it out.
File 33 on cbttape.org is JES2 song book.
In a message dated 1/2/2015 4:21:18 P.M. Central Standard Time,
s...@pscsi.net writes:
Thanks!
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to
tribute song
Philip Young is http://soldieroffortran.org/ and
http://mainframed767.tumblr.com/.
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
22 matches
Mail list logo