Posts by chasil 184 publicly visible posts • joined 18 Jul 2014
For the full effect, you can also get the ROMs for a DEC VT240 terminal, and emulate it on a telnet socket with MAME.
https://www.mail-archive.com/simh@trailing-edge.com/msg09086.html
I ended up using these command line options to get it running (change 2323 below to 6666 for a VMS 1.0 install):
mame -rp . vt240 -window -nothrottle -host null_modem -bitb socket.target.hostname.com:2323
One major design decision shared by VMS and NT is hard file locking, and that has vast consequences on uptime/availability.
Linux is able to apply patches to underlying libraries that are in use. Processes that have linked in the older library report when their mapped libraries are unlinked:
# grep deleted /proc/1/maps | head -1
7ff80804e000-7ff80805c000 r--p 00000000 fc:00 201330314 /usr/lib64/libgcrypt.so.20.4.0 (deleted)
Because NT cannot do this, you get to enjoy "Patch Tuesday."
...that is available for free (mentioned above) comes with Basic, Fortran and COBOL compilers. Alas, it does not appear to include C.
$ help fortran
FORTRAN - Invokes the VAX-11 FORTRAN IV-PLUS compiler to compile one or more source programs.
$ help cob
COBOL - Invokes the PDP-11 COBOL-74/VAX compiler. The /RSX11 qualifier is required.
$ help basic
BASIC - Invokes the PDP-11 BASIC-PLUS-2/VAX compiler.
If you want to remember a very small amount of VMS, you can download this free OS image, and run it in the Simh emulator.
Dave Cutler wrote some of the VMS 1.0 kernel in assembler, which he later regretted after leading the Windows NT kernel project.
You will get: VAX/VMS Version 1.00 21-AUG-1978 15:54
I got it running on Oracle Linux 9. Direct networking isn't needed, as it will open a telnet socket on a "VAX780 simulator DZ device, line 0" within the host OS.
I don't think there is a TCP stack for VMS 1.0.
https://gunkies.org/wiki/Installing_VMS_V1.0_on_SIMH
This assertion by the author is not correct:
"In the Linux world, this first appeared with journaling file systems."
What is actually needed for databases is System V IPC - semaphores, message queues, and shared memory.
Columbus UNIX introduced these, long before journaling file systems.
https://en.wikipedia.org/wiki/CB_UNIX
"CB UNIX was developed to address deficiencies inherent in Research Unix, notably the lack of interprocess communication (IPC) and file locking, considered essential for a database management system... The interprocess communication features developed for CB UNIX were message queues, semaphores and shared memory support. These eventually appeared in mainstream Unix systems starting with System V in 1983, and are now collectively known as System V IPC."
Alpha had several problems that precluded its adoption as a mainstream ISA.
The first was power, and DEC ended up choosing the winner themselves.
https://en.wikipedia.org/wiki/StrongARM
"According to Allen Baum, the StrongARM traces its history to attempts to make a low-power version of the DEC Alpha, which DEC's engineers quickly concluded was not possible."
The second was the weak memory barriers.
https://redvice.org/2021/memory-barriers-alpha/
"Of relevance to this piece, however, is Alpha’s exceedingly lax memory model. Unlike ARM, which will respect data dependencies for reordering, Alpha can reorder reads regardless. This is really hard to reason about, even for people comfortable with lock-free programming."
The third was their own software licensing, which was outrageously expensive.
An AIX license for a single user was included in an RS/6000 purchase (participated in a 43p purchase in the mid-90s), while OSF/1 was over $40k, ruling the Alpha out. Third-party Alpha resellers with beta versions of Linux and Windows were not sufficient to overcome this.
ARM definitely deserved to be the survivor.
The Mozilla Javascript solution is generally available at this URL:
https://mozilla.github.io/pdf.js/
I have used it as an extension in Edge, where is was an option for me to view PDF attachments (the Edge PDF engine does not allow this).
The Javascript solution is likely more secure, and presents less of an attack surface. Adobe PDF has seen *so many security bugs* that I really do prefer something else.
The Oracle "Unbreakable" Enterprise Kernel (UEK) is actually far superior to RedHat's for several reasons.
It adds full support for btrfs. RedHat explicitly removes this from Fedora, for motivations that are not clear at this point.
RedHat also removes many drivers and supported devices from later kernels, which the UEK retains. SATA RAID cards are notably back among other deprecated devices and modules, with no need to go to El Repo for a tainted driver.
The latest UEKs are all v5 kernels, much better than the v3 and v4 that we see on RedHat 7 and 8.
This does solve many different classes of problems on the platform, even when loaded into an upstream OS.
Microsoft SQL Server was forked from Sybase 4.8, which was already multiplatform on all the commercial UNIXen of the time.
I understand that there is a "shim" layer for kernel services translation, but SQL Server is faster on Linux than it is on Windows.
In a way, it has finally come home.
Microsoft's lack of an implementation of the SQL/PSM standard is a real problem where I work. We have hundreds of thousands of lines of PL/SQL, and Db2 is a better porting candidate than all the SQL Servers that we run.
Microsoft, please implement the whole of SQL/PSM.
https://en.m.wikipedia.org/wiki/SQL/PSM
I also wish that my own management would start using SQL Server on Linux. It's faster, and the patching is far easier. Microsoft themselves publish leading TPC-H scores on Linux, with Windows a distant second (Exasol towers above both).
https://www.tpc.org/tpch/results/tpch_perf_results5.asp?resulttype=all&version=3
svn commit: WebKit migrates to GitHub
I just confirmed that Oracle Solaris support is $1,000 per year. You can find this on https://shop.oracle.com then browse products / operating systems.
There are plenty of versions of Solaris. A lot of people like OpenIndiana, and Samsung was such a fan of SmartOS that they bought Joyent.
Give some of these a try!
https://www.oracle.com/solaris
https://www.openindiana.org/
https://tritondatacenter.com/smartos
The use of hmac-sha1 remains secure, as hmac tolerates a weak hashing algorithm that is prone to collisions (which means that hmac-md5 is also still secure). However, sha-1 is also used within the original RSA key specification, which also cannot be used with modern SSH.
One easy solution is to install tinysshd on the RHEL6 release, which supports the latest (DJB) ciphers. It can be somewhat more difficult to use, as only ed25519 keys are allowed for logins (it does not allow a login with a password).
EPEL for RHEL9 does not yet have PuTTY packages. When they arrive, they will support the older ciphers. They can also be built from source.
You might find it interesting to know that the predecessor to CDE was HP VUE under HP-UX.
I graduated from the university of Iowa. When I matriculated, the engineering computer lab had Macs and Apollo Domain workstations. The Apollos migrated to PA-RISC running HP-UX v9.
This was shortly before the attempt on DCE standardization, and I think that HP submitted VUE for this reason.
https://en.m.wikipedia.org/wiki/Visual_User_Environment
One unsung jewel of CDE was the dtksh, a Korn shell variant that allowed direct access to Xlib, Xt, and Motif widgets from a shell script. This code was owned by Novell, and the author documented the final version in this book:
https://www.amazon.com.au/Desktop-Kornshell-Graphical-Programming-Pendergrast/dp/0201633752
Good times.
I have not checked, but the installer for Oracle Linux 9 will likely only allow XFS filesystems to be created. Any btrfs filesystems will have to be created on separate storage, or on loopback files that live on XFS.
The RHCK will not recognize any btrfs filesystems. These can only be mounted when the UEK is running.
The UEK is definitely able to utilize btrfs, the the OS really was not built for it. Fedora or Suse is a better choice for well-integrated btrfs.
After reading that whole article, all of RCA's technology actually went to UMC.
TSMC got something better:
"TSMC entered the market with technology much more advanced than UMC... Dutch corporation Philips (continuing a history of close Dutch-Taiwanese ties) provided technological input on the 1.5 micron process that would make up TSMC's core service."
I didn't know that.
https://meet-global.bnext.com.tw/articles/view/47727
"RCA invited a team of some 30-40 engineers to their campus for a year to teach them not just the raw science of semiconductors but also management techniques and industrial knowledge... a few years later, RCA pulled out of the semiconductor industry altogether and left Taiwan with a license for all of its technologies."
It's important to understand that RCA agreed to train TSMC workers in the late 70s at the RCA semiconductor foundry in Ohio.
TSMC acquired vast experience from RCA.
RCA was a leader in semiconductor manufacturing at that time, but attempted to become a conglomerate with acquisitions of unrelated businesses that detracted from their core competence. The nickname of the firm was "Rugs, Chickens, and Automobiles" as they bought a carpet company, a frozen food company, and a rental car company.
RCA as a semiconductor manufacturer withered on the vine in the ensuing management distraction.
There are many reasons that TSMC would never survive in the United States. Perhaps Intel is better served in another country.
The assertion of this article is that a common low-level RISC could be shared between an ARM and AMD64 implementation.
AMD has actually done this already, between the 29k and the K5.
Details on AMD SPARC:
"Based on the seminal Berkeley RISC, the 29k added a number of significant improvements. They were, for a time, the most popular RISC chips on the market.. Berkeley RISC-derived designs is the concept of register windows... In the original Berkeley design, SPARC, and i960, the windows were fixed in size.... It was here that the 29000 differed from these earlier designs, using a variable window size."
https://en.wikipedia.org/wiki/AMD_Am29000
K5 reused previous RISC elements:
"The K5 was based upon an internal highly parallel Am29000 RISC processor architecture with an x86 decoding front-end."
https://en.wikipedia.org/wiki/AMD_K5
So... here we go again?
Do you see this right here? This means iLO.
'Another item of interest is the beginnings of support for the HPE GXP architecture.
'As explained by HPE chap Nick Hawkins, the architecture uses ARMv7 and the Cortex A9 core and will become a key feature of the company's next-gen servers.
'But not as CPU.
'"The GXP is the HPE BMC SoC that is used in the majority of HPE Generation 10 servers," Hawkins wrote. "Traditionally the ASIC will last multiple generations of server before being replaced."'
The StrongARM implementation originally began at DEC, as they were searching for a low-power design after realizing that a low-power 20164 Alpha wasn't possible.
"According to Allen Baum, the StrongARM traces its history to attempts to make a low-power version of the DEC Alpha, which DEC's engineers quickly concluded was not possible."
https://en.wikipedia.org/wiki/StrongARM
From the commentary on the HPE Baseband Management Controller (known as iLO, Integrated Lights Out), the main feature that all of us need is an option to disable it.
It is unsafe. It has always been unsafe. It has no hope of being safe in the immediate future.
https://www.blackhat.com/us-21/briefings/schedule/index.html#hpe-ilo-firmware-security---go-home-cryptoprocessor-youre-drunk-23398
Malware infecting iLO cannot be removed - junk the server.
https://latesthackingnews.com/2022/01/02/new-ilobleed-rootkit-targets-hp-integrated-lights-out/
It needs an off switch.
'we're just moving carefully on it to ensure folks don't get bitten by the vaunted "btrfs stability problems".'
I don't think that an "enterprise" Linux distribution will be able to solely base itself on btrfs.
Oracle specifically prohibits database installations on this filesystem in 2290489.1: "Oracle DB has specifically said that they do not support using BTRFS filesystems... BTRFS is optimized for *non-database* workloads."
XFS also dominates the TPC benchmarks (at tpc.org) for Linux. There is no way that btrfs is going to supplant that status within the next few years. SGI definitely contributed an extremely valuable asset.
I'm also a bit surprised that Fedora's boot is ext4, as it's XFS under CentOS (7).
OpenBSD is unique in that the X server does not run as root. This alone makes it makes it safer than most everything else that implements X11.
After the switch of malloc() from sbrk() to mmap(), several use-after-free bugs were found and fixed in the X server, which benefitted all platforms that implemented the patches.
OpenBSD is a great place to run X-Windows.
Linux is [currently] far more able to run fragments of the kernel on multiple CPUs at the same time.
OpnBSD started out with one large kernel lock that was a bottleneck (as did Linux 2.2), but has proceeded much more slowly in allowing kernel features out from behind that lock.
That being said, there are some things that feel much faster in OpenBSD 7.1.
The NTRU situation is actually more complex than this article implies.
NIST is conducting a competition for post-quantum key exchange and signature algorithms. NTRU Prime did not make the cut as a key exchange finalist.
It appears that NTRU Prime is going ahead in OpenSSH, without any formal endorsement from NIST.
https://csrc.nist.gov/Projects/post-quantum-cryptography/round-3-submissions
In the notes listing NTRU Prime as an alternate (and rejection as a finalist), Daniel J. Bernstein filed a complaint with his experience at NIST:
https://03283664099418252878.googlegroups.com/attach/6f5422d4f193d/complaint-re-apon.pdf
"Formal complaint regarding 8 June 2021 incident - 2021.06.15, Daniel J. Bernstein..."
"Executive summary. A week ago Dr. Daniel Apon from NIST publicly accused me of professional misconduct. Specifically, he accused me of initiating private contact with NIST so as to provide false information to NIST regarding the timing of an upcoming announcement relevant to NIST’s ongoing decisions..."
It is unfortunate that this disfunction has a practical impact upon OpenSSH.
Most Ubuntu users would not put up with an ancient kernel like this:
$ uname -sr
Linux 3.10.0-1160.42.2.el7.x86_64
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.9 (Maipo)
You can get a more modern kernel for this platform, but that is very much frowned upon depending upon where it came from and what is done with it.
Another major problem is XFS, which is getting a formal deprecation because of this issue:
# grep xfs.*2038 /var/log/messages | head -1
Mar 7 04:55:30 kernel: xfs filesystem being remounted at / supports timestamps until 2038 (0x7fffffff)
https://lobste.rs/s/1wczzd/when_why_deprecate_filesystems
You might try SmartOS.
The whole thing runs on a USB flash drive, and lets you offer all your storage as ZFS pools with no footprint of the hypervisor OS.
KVM has been grafted into the Illumos kernel for running Linux VMs, but you can also run Zones.
It's likely possible to run an Oracle database on it, but you probably have other preferences in that arena.
AMD does the same thing...
https://en.wikipedia.org/wiki/AMD_Platform_Security_Processor
...and they do it using ARM's design, inside an ARM core.
https://en.wikipedia.org/wiki/ARM_architecture#Security_extensions
If you want a commercial CPU that is clean and open, then you will have to buy a SPARC. I think that the T2 is the best available.
https://www.oracle.com/servers/technologies/opensparc-overview.html
Version 10g introduced a new in-place shrink, enabled by "alter table x enable row migration;" followed by "alter table x shrink space;".
If you were using a prior version, then the method to defragment/consolidate a table was only by the 8i "alter table x move tablespace y;" which does unpleasant things to indexes. It would be well-worth an upgrade to 10g just to get the in-place shrink functionality rather than rely on the 8i method.
And as far as sticking with Itanium, that's because migrating to a new platform means exp/imp (maybe with data pump). I have also done this from HP-UX to x86, and it is also not pleasant. I think that Exadata is the biggest iron available, and it runs on Oracle Linux.
There are actually three independent implementations of Db2: the mainframe version, the AS/400/i-Series OS service, and the Linux/Windows port. Each of these is a separate source repository, and they are not bug compatible (AFAIK).
IBM has licensed a version of PL/SQL (Oracle's ADA-like language for procedural SQL) from Enterprise DB. I don't know if this has been implemented on all of the Db2 platforms. Oddly, Microsoft has not arranged for PL/SQL support, instead adhering to Transact-SQL. This suggests that Db2 is a better choice for porting away from Oracle.
https://www.enterprisedb.com/news/enterprisedb-and-ibmr-collaborate-integrate-technology-new-version-db
Still, SQLite and Postgres offer enough features that $15-25k for a core-based proprietary DB license demands justification for return on investment, and cloud services will make this judgement stark.
MIPS has a lot of oddities in it's design that were hard-coded from the early architecture. Branch delay slots and register timing are what I remember from the blog post below.
Apple could likely have bought MIPS when they were ready to go 64-bit, instead of using AArch64. Their M1 now beats Intel by several metrics.
Also, the top supercomputer is AArch64.
It looks like ARM really put some thought into enterprise performance, and removed similar scalability problems from Furber & Wilson's original ARM design.
https://www.jwhitham.org/2016/02/risc-instruction-sets-i-have-known-and.html
"MIPS is the worst offender. It deliberately omits a feature which is so fundamental to CPU architecture that software people don't even think about it. The architecture leaves out the mechanism in the CPU pipeline which would otherwise stall execution until the data was ready. A register access which would have created a minor inefficiency on any other architecture instead creates a "hazard" on MIPS. You can read from a register before that register is ready. If you are writing or debugging MIPS code, you have to know how this works...
"Both SPARC and MIPS share another horrid feature - delayed branches. These create a dependency between instructions, in which the branch takes effect after the next instruction, rather than immediately. When using assembly code, you have to know which instructions have a delayed effect, and what rules apply to the instruction (or, sometimes, instructions) in the "delay slot" following it. The delay slot is restricted in various ways: for instance, you can't put another delayed branch there."
Microsoft ought to be careful.
In outsourcing their browser engine to Google, they have now placed significant power over their OS in the hands of people who are now growing upset with them.
Google could, for example, inject a Go runtime into Chrome, get it endorsed as a web standard over Microsoft's objections, and force Go into Windows with the public intention of killing the .NET environment.
Should these two companies engage in serious disagreements, Windows will suffer badly.
I'll say that 32-bit 11.2.0.4 is part of an upgrade that I have been asked to plan.
Moving from that to 19.3 or higher is a problem - DBUA does not (appear to) handle 32-bit databases, and it must be done with the dbupgrade command-line tool.
I am wondering what my options are for the catdwgrd.sql script to revert, and I've been advised not even to offer it as an option. Dropping back down from 64 to 32-bit would be asking for a disaster.
What is more interesting is that a ROP gadget exploit was used to attack the server.
OpenBSD goes to great lengths to defeat ROP gadget attacks. The compiler is modified to exclude certain machine instructions at the ends of functions, and the ASLR runs so deep that the kernel and C libraries are relinked at every boot to randomize locations in memory.
"Tracked as CVE-2021-35211, the Serv-U vuln allowed an attacker to achieve remote code execution through what Microsoft described as a Return Oriented Programming attack, as we reported at the time."
For SFTP services, OpenBSD is in the top tier for security.
https://www.openbsd.org/papers/asiabsdcon2019-rop-paper.pdf
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
