Posts by Tuomo Stauffer

A mainframe refresh course

No, mainframes are not best for everything. But, if you need real reliability, performance, security and easy to operate at the same time nothing beats z/OS (aka MVS) in mainframe. And yes, even a mainframe can go down. There has been some OS problems which made it unusable, of course, no electricity - no computer, an operator error and a catastrophic hardware failure (which usually leaves it running but with so much reduced power that it is basically unusable - seen one and have rumors of other.) About name mainframe, it can be argued but when it comes to raw information, not computational, power I don't think that there are other (today) than a real z/OS based system from IBM. It is unfortunate that Hitachi, Fujitsu, Amdahl, etc are not any more competing, it was an interesting time. About real ROI - if running hundreds or even thousands of Linux (business or development) servers in a mainframe there is no question that it is much less expensive in every way than separate servers. And it is a myth that mainframes are more difficult to manage than Unix, Windows, etc. When an installation has a good systems programmer taking care of the systems I still can teach the administrators (used to be called operators,heh) in a couple of weeks and after six months expertise they will be fully fluent. And development is same as in any other platform except the developers don't have to care make files(?), libraries, versions, etc - all that was taken care (in a good installation) already in 70's. JCL ? what is that, in no organized mainframe shop using source/configuration management to manage the environment has required the developers, etc to know except basics - mostly how to fill your credentials, run conditions, output requirements and maybe accounting information, the system takes care of rest and has done that 30 years. Now - add VM to that. Each group and even a person has own mainframe or maybe own Linux to develop, to test, to QA, etc just by starting it (once again - if the installation is even a little designed and organized right!) Mainframes just got a bad name for a while because of the same reasons other systems have/will get a bad name - business didn't understand how to use them and IBM has to take some blame on that, they moved to marketing instead of their at one time excellent education and training.

Good for VM

I really have to wonder MS with all their resources? They have very good people in development so that can't be the problem, why so late? It will get interesting, now MS doesn't have to fight just VM but get to all these hardware vendors after the fact. And they must offer something better than VM if they want to stay in game. Not easy, these are business systems and not home servers. They will run many other OS's than just Windows and all the management problems it creates. MS is enhancing Windows management to more standards based but how long will that take? And will it be really interoperable with existing infrastructure management systems? Too many questions still - interesting times coming!

Life and IT

It is not just DBA's, the whole IT is in denial. Life (==business) is not IT but making money. Until IT is a separate utility / service function, which has only business relationships and people who liaison between, it better to talk business language, not technology babble. Even inside IT it is sometimes difficult to find same terms, is it then no wonder that people outside don't understand those ever changing, millions of acronyms and different ways to show how it works. And it works another way round too - half of my work is to find why these nicely modeled, fully normalized and even formally tested databases have no performance when business functions change as they do almost day by day. In business a nice, static diagram is good a week - if you are lucky, world goes on.

Same concept

It is the same concept you often see in movie world. All he can hope is his name in credentials and maybe a token payment but even that is goodwill by company. It is a contract issue and if not specifically stated in contract then it is a non-issue. And when working always document the background of any idea. It protects both you and the company - that way they don't think (should not think) owning the idea but they will own the work. The problem often comes when you have been working a long time and know or at least have knowledge of a lot. Some ideas which seem new are in reality very old but the players are new / uneducated / unexperienced who have never heard of those and may try to own them. I personally have had a couple of those - then you just have patiently go back and explain how it works, it often helps to have customers lawyer included so they can explain it to the customer in what ever terms they use in that company. Just don't let them intimidate you, they will try!

Next, MS will take..

It seems weird, MS wants to compete (at the same time) with Google, Nokia-Siemens and other MS independent phone vendors, Linux, Sun, IBM, Sony, Apple and even HP (in systems management and no match to NonStop yet but maybe later?). Not small companies! I'm not so sure that even they have resources for that and definitely they don't have the management infrastructure currently. Maybe they are doing the right thing - buy the knowledge but it will take time to put that all together and in their current confusion, what is important and what is not, doesn't seem too promising.

Film and digital

Digital is great but until, as Anonymous said, they get to quality of good Leica optics and good film or even better, 4x5, digital is still not on level(with the price). Digital is where Polaroid was, even 20+M pixels, there is a difference. And I don't think this will be end of Polaroid - digital is too perfect for some artistic situations, even Photoshop can't hide the source in most cases. Now, for public, amateurs, weddings, news, sports, vacations, etc digital is great. And if you just like TV style pictures it is perfect. Some of us like a little more artistic creations (think pinhole, perfect for film) than what we see with our own eyes every day. And no fancy technicolour, please. If I hang a picture on my wall, I want it to be something I will like the rest of my life.

One system versus distributed

Until we have quantum connections between systems the physical fact is that one interconnect system will be more efficient than any distributed. Business wise it may not always be true but if you need raw power it is. About that parallel software, where Oracle and MS SQL were mentioned in sense of distributed databases, Oracle is decent, MS not so much yet and compared to HP NonStop (aka Tandem) SQL systems they pale. Now, of course HP NonStop costs a lot more but also gives more. Anyway, we are not talking databases here but pure, raw information processing, a big difference. IBM has always been good on that, the question is really not how fast one processor is or how fast you can make one query but how much information you can process in a time frame.

Interesting but

I can fully understand the frustration cops are feeling. But before we have a "a code of ethics" which would keep any information spreading I also can understand EFF and other such organizations. But politics make it difficult, in child porno cases they really should have access to everything BUT if found that it wasn't - nothing should slip out, it destroys lives, families, careers, etc. In terrorism it is even more difficult - you even think differently (or have some weird name/looks) than the ruling class, you are a terrorist. In child porno cases it is more black&white but when the same rules are applied to politics / business it will not work, they are ideas, not facts. Todays unfortunate reality is that even a suspect is often already in trouble and there are no safety or recovery policies or mandates to make that right after a mistake. Who is going to get your family back or fix your credit or reputation or lost whatever after a such incident?

Maybe there should be a politically and business independent third party which has rights / access to this information and can make the decisions if it should given further to other institutions. There are a lot of good people and (IMHO) many really are in standard police organizations but not all.

Or maybe we should get the Hammurabi code / law back?

Oh, that's why

I was wondering why MS employees were walking around with all these gadgets, they were monitored for productivity! A great idea but a little late, all the robots in assembly lines are already monitored, at least in manufacturing where I have visited. It is great that humans evolve to the level of robots but where do they find programmers unethical enough to write system to run any monitoring programs? On other hand, maybe not so difficult in current state of employment? Happy New Year all!

You were warned

You were warned so don't complain! The EULA I have coming out next year with my product will have the footnote on page 666 which is written in Word 2003 and if you can't read it, your bad. It has a Flash cross link to another node ( and some code to read all your open pages ) where you are redirected to another site, required by your government, so don't come back and say you didn't know! Happy New Year.

Now I remember

Now I remember being in UK over Christmas / New Year time. Best humor in world, the meanest operators, sorry, BOFS's and PFY's in the world but fun. Just avoid the elevators, keep out of the computer room and especially any locked area, etc and you are safe but they really are fun in bub, actually better stories than in the Register. Happy new year, I have to go, my operator is calling that I have to check the backup tapes in the vault because I have to go in and sign them! See you in party?

Partying is fun, fighting is not

Why do they send instable people to these places? Really hard work, hard partying is really what keeps (a lot of) people going but why fight? It is so easy to pick up the personalities who can't take their drinks so? Take them out once and challenge them, if they get aggressive say it was nice to meet you but..

Soldering?

Now, if I can get an oil rig quality welder I might trust the connection but those people don't come cheap. Don't they use Monster cables? NASA probably doesn't. Just a joke, there are ways to make connectors very reliable and very secure but on what cost? Yes, the cost would be a very small part of the whole project but you know the bean counters! Save a penny here, waste a million (or 500 and a couple of lives) there is no concern of them!

I have small problem with this.

When you see words like JDBC, DAO, etc in diagram instead of just data base access? Aren't the use ( UML, whatever.. ) diagrams supposed to show use cases, what, etc instead of one of hundreds (thousands?) of possibles ways to implement a solution? It says Spring/JSP project but what if things change next week? How valid it is then? Not to blame the book but solutions should work not matter what the supporting architecture is.

Think about it

We have a tag like TAX! How many different taxes there are and the definition changes very often! We have tags like DATE or TIME! Give me a break. How we did handle that in past, yes, metalanguage was allowed in many systems even in 70's but any definition had to be documented and accepted in context. Not a big deal, takes two minutes in a well defined infrastructure and then you can use it, references built, correct display and store formats and calculations bound, etc. But giving a free hand is no, no in business. Why create problems when it is easy to avoid them?

And they didn't

Sorry, as much he is responsible but any time a person in some sensitive role leaves the company all the passwords he/she had access are changed automatically for next person in that role. This was in 70's and it has been the rule in all the systems I have designed since then. No exceptions, be it a CEO, developer or one of door guards. Weird? Not too difficult, one role has just a limited access so there are not too many things to change. Now, of course, I do get arguments as what about this and that password? It is vital to use two way passwords, you have an access to system generating / assigning the needed password which will never released to anybody, no need for that. Block the access and good luck trying to find the real password(s). You design that right, remember changing technology / platforms / even languages and it works. Forget politics!

It seems to me

There are still two (or more) camps in this after a generation (or two.) Modeling (UML, whatever) is an easy way to show the business requirements but once it comes to implementation nothing yet (and IMHO not for a long time) beats a common sense. I'm all for modeling a system because you get a solution what is needed but, unfortunately, no modeling can yet (easily) include the performance, security, interoperability, maintainability, etc to that solution. So, we still need good human developers who can interpret the model. I have been doing all kinds of models abut 30 years, even creating modeling systems, but when it comes to execution they are just guidelines.

And again

Yes, there is a skill shortage but it is in management. As the other replies state current management is in disarray, they should get educated. How you can require a person to have skills in SOX, SOA, ITIL, xxxML, UTMS, SaaS, security, agile, etc when you only know the buzzwords but not how and why?

My current experience is horrible, after 10+ years designing (government, NIST standards) level systems with AAA and security and talking to managers is frustrating. They (may) know about CC, FIPS, ISO, etc but their real knowledge is basically zero coming out from vendor brochures or "dog and pony" shows they have seen and written in job advertisements.

Now, I know many other developers in field who have problems to get work (or to accept work) because they know what, how and when much better than the people doing the hiring. And it is the same with AJAX, REST, SAML, SIP, etc, try and ask the hiring person to explain what those are! You would be amazed of the answers, I have been, they are so much way off that it isn't even funny. No wonder they can't find cheap workers and when they can, what are the results? A lot of bloated and "almost working" systems which will be fixed in next release 2010, maybe. My last experience was looking a contract job which was advertised as design and development.

First it did look good but when it came to questions as how would you do this they meant coding only, I did show a couple of problems in design and was told, no, it is perfect but how would you develop for that? I wouldn't because after a while the whole system would have problems going that way. OK, it didn't work and I was told that is the agile development, we just code a lot just now and think the systems / interoperability / maintainability / etc later, give me a break! Of course unit testing works, you can always make a small piece of system to work alone but try to match it later to your other products and systems, good luck! Haven't they seen the statistics how much an early correction in design saves compared to support and fixing basic design bugs when the system is in production? No, they haven't, so we are back in management eduction!

Same with shortage in mainframe developers, sorry, my 30+ years experience is that it has always been a management cry to hide their own problems. I have had and met development / software engineering managers who like to boast how they coded in Cobol, some even in in assembler, in mainframes in 80's and then "graduated" to PC's so they know everything of development! IMHO, they are the most dangerous types, they never learned whole systems, infrastructure, and they still think that threading, OO, metalanguages, etc are something new and difficult? Or, maybe it is, for them because they are still fighting to understand how PM tools work with SharePoint?

Vey bloody code

Agreed. It is usually a little more complicated but the same principle. Think real life, you go to room to execute several task, go through a door, sign in and start executing tasks. Any fails, you have to leave, go to door, sign out and leave. A common SIGNOUT_LEAVE block, easiest reached by goto, no if/then/else/catch/whatif/bracket/.. mess. Now, it gets a little more interesting if on each task you get something you can't take with you. Still simple because it is just a collection. Assume these things need an action when given back, still kind of simple if they can stacked/identified/... and have the reset/return method bound, i.e. just objects. Now, think they are depend on each other, order, number, property, whatever - ouch! Now you have to really think how to leave only part of tasks done. This is where I see a lot of either repeated code or a very messy ( bloody code ) when using only one way out.

IMHO in those cases it is always(?) better to use external control to manage resources and tell it the success or failure in exit, actually I have designed systems with hundreds of services, processes and thousands of procedures where pure EXIT with action indicator was enough, the next layer cleans out your mess. So, always design for system, not for a function or process or any single entity, sooner or later you need something more complicated and you don't want to code it all over. And what if that changes again?

The reuse

Reading old code is always useful especially if you are new and you have someone explaining the code for you.

And code reuse is great in controlled environment but you have to be very careful with all the issues it brings, don't just copy some licensed code. And be careful of hidden macros, objects, special compiler, OS and hw related things. I can't count the cases where I had to fix for example code written for PPC going to x86 - did you remember the byte order or did you even know? Or going to 64bit? Or default alignments in different compilers and architectures? And so on. And these in code of very experienced developers who used too much cut and paste in large systems ( millions of lines of code. )

It also can be a small problem sometimes. I use several languages and my normal environment has snippets, macros, etc. My editors have templates and huge collection of snippets. Now, suddenly in a system that only has an editor and compiler it feels weird, how to start? Where are my templates, etc? So, code reuse may be a good way to start and very useful in every day work but everyone should be able to work without any when you have a situation where the only tool is vi or notepad ( I personally hate that! ) And often the man pages, help files are missing in such systems so..

Interesting story

Yeah, never, ever give any passwords or so without a written and signed paper. I have been there and denied, it did go up to CEO who said I was right. Now, of course, it came impossible to work with the manager any more but that's another story. This smells and not just a little because if he would have done anything on purpose (IMHO) it would not have been plain and clear or easy to detect, it was his system.

Something is weird?

Excluding the good comment about capcha and password which may or may not be same as using two keys there has been forever the requirement for a name ( one key, user, company, whatever registered to product instance ) and the given key. Both needed to activate a product and I remember back to early 80's and probably used before that. So a 1998 filed patent is a little late?

It hasn't to be but

A good article. Security except good coding practices, and so on does NOT belong to applications. It is asking a disaster.

You have end-point security ( usually the user ), device security, connection ( network ) security, another device security ( server ), application use security and information access security ( and how often, when, what access is allowed / disallowed ). Layer that with managed security NOT with separate products! Everything is there, user has the normal hassle, ID, password, keycard, challenge, whatever BUT nothing else. Any piece missing in chain - close, disconnect, alert, kill someone, etc. but it is not more difficult than a normal login or scheduling a job. Details really don't matter, the protocols are there, the encryption, the key exchange, the ACL's, even the DB views allowed for this user by this application, etc.

Now - it needs pre-planning on infrastructure and system level NOT in applications, too late there.

Wasn't it a long time ago already the rule, manage externally, not in code, don't write filenames, directories, IP addresses, keys, access rights, and so on in program. If you do the same ( manage externally ) with security it is not very complicated except in business ( and political ) sense.

BUT, as the article almost says, how to change what was learned when PC time started, no security at all in design?

Good catch

A very good add-on to GPL. SaaS is nothing new but I was always wondering why it wasn't included. Remember, on old days if the systems allowed users, customers, whatever to run remote batch, time sharing, etc all software was running centralized, none ever needed outside the service provider installation. I'm a big fan of GPL because it gives everybody a way to make business, still maybe agree with Linus that external binary ( like kernel ) drivers should be allowed if there is an "user exit" but that is a minor point, the current world is complicated and there may be reasons why you just can't publish everything. Business is not the reason but patents and other forms of copyright licenses still is, unfortunately.

I feel so old

SOA or not ! Good comments except this is an age old problem, how to access information. I agree with RichardB except my experience of DBAs ( unfortunately ) is not very good, sorry. SQL ( structured query language NOT necessary using a relational database ) mostly refers to relational access ( it is a little more ), now you define your database relations instead programmers in programs and if you do it right it works, in theory. But right means that you really know how your 1000+ tables and 10000+ relations are used AND on which channel, disk array, cluster node, RAID array, read or write or both they they are used and what kind of crazy queries the end users create. One query wrong way and the whole system stalls, maybe sorting something over and over again or maybe accessing disk in random order instead of sequentially for a billion line report and seeks killing the system or maybe the account numbers (keys) were in city order (%90 access going to one poor disk in 100+ array ) or whatever.. All old problems but now the responsibility of DBA who should (IMHO) actually be designing the business logical access, do it right and let the infrastructure people take care of physical layout. As RichardB said, an old problem and DBA should be a (good) mediator between application/end user groups and infrastructure. And please, don't let end users create their own reports, the idea was a disaster already in 70's and it is not any better today, you never know what they do but what is sure, they will stop any online system, beware especially corporate statisticians running wild!

Interesting and on other hand, the same old

Personally, an interesting year. Get unemployed, get MacBook, move to better city, find more interesting things to do, so a nice year.

Big 2007? The growth of open source, the slow and misunderstood adoptions of SOA, ITIL, and the confusion how business and IT can / should work together.

My predictions for next year. The fad continues, SaaS ( why didn't we think these nice letters when selling computer services over 30 years ago? ) Computer languages, could someone bring some new ideas and just not new syntax and new libraries, please, 2007 maybe? ITIL, SOA, etc will continue, if they were good ideas a long time ago why not next year. Open Source will grow more than many believe.

Hopes for next year, more integrated systems / network management based on WBEM / CIM, SOA will be seen more than some ESB / WEB / technical implementation and vendor sales pitch ( this I currently hate most because SOA is a nice if not new idea ), ITIL will actually be adopted by more corporations and even some smaller companies start understanding that it really doesn't have to be difficult, heavy, full of vendor products - it is a framework.

Security will of course be one and hopefully ( but I have my doubts ) companies slowly get the idea next year, you can't just buy security, you have to plan / design for it, security is so much more than some products. Of course the same with all the nice,"new" acronyms, you can't buy those, you have to plan / design them based on your business and environment.

Maybe next year is better, I have seen some movement to that direction but not much, maybe 2009 will be better, it takes time to start thinking business again after so long buying all what a vendor has and believing that products can solve all the business problems without any planning and / or design.

I am surprised

An age old problem with random generators! Now, I have seen some companies giving the "trivial" task to code the random number generator to, let's say a little inexperienced, developers and never testing it. But today when random nuber generators are so important ?? It is tedious and takes time to test any new or even old generator on new system / platform but the methods are widely available.

Honestly

I think this is Microsoft way trying to force the patent system change. Why else would they put a patent like that? It is one of those where you really can show how stupid the patent system has gone. I give them the credit making stupid patents, the more, the faster we will get a change where only real inventions can be patented. Now, copyright is different, say "here is your friendly Microsoft system and we hope you have a great day" is different but can't patent that.

Even older

Almost any mainframe used to work that way. Way, way back I thought why to IPL (boot) a system to run self contained programs like some hardware testing, backups, etc and wrote a loader for certain IBM mainframes. Did work like a dream, startup time whatever it took to load the program(s) and you were running. Our hardware guys loved it. Never tried to go further, no time, but modified one console game to run that way. A dream, the whole mainframe for a game, no OS overhead, much fun!

The normal way but

I'm a happy Comcast user who also found out the "throtling" when downloading a Linux distro. And even sending RST is not nice Comcast should be able to do that, it is their network and it is legal but definitely not nice. What they should not be able to do is to advertise the internet connection as it done today. Tell upfront what and how you do the throttling is OK, don't sneak it in. It's like in (computer) business I have ever done the worst thing is to lie to the customers, it only causes problems. Telling the truth may hurt a little but on long run it always wins the customers to your side. And even if they don't select you they will tell that it was some other reason but next time they check you again because (they think) they can trust on what you are offering. Maybe they are not in long term business ?

Same here old guy

I'm even older and I agree. I have been competing with IBM long and often in mainframes, terminals, controllers, disks(dasds, heh), etc and I like IBM. They do the heavy lifting which allows other to compete with much less starting cost. Now Google, someone said that MySQL is only for small things, maybe so today, but think if you for example had an automated, system level backup in your system to Googles huge network. Now backing up your small things looks suddenly very good, out of premises, saved on well managed network! of systems, and so on. How many already uses these "free" mail services as kind of backup? And OpenOffice documents in database, MySQL can already be used, versioned, etc saved and available outside of your own system? There is a long list they can/could do easily if they can have own code on that level, MySQL is not the only one, take almost any FOSS. Of course they would take the main part of business but it also would allow the competition, if you dare and if not, stop whining!

You are so right

I love this "If developers' jobs are under threat it is unlikely to be from a bagful of old technologies under a new name." You are so right, I'm always amazed when a new term/acronym comes to learn that someone got a new name for old technology or process and people are buying it? SaaS especially, isn't it how the whole thing started? Computers and development were expensive so few did it and sold the services. Now, I wonder have people figured out how to manage billing in SaaS, wholesale does not work in most cases. If you have SLA or whatever, test it. Run a workload, interactive or batch or both, see the bill and run the same six month later. Is your bill same? If not, sue them! Especially governments used to check that they were not billed just by chance and if they catch you, some great stories, you are in trouble. And the end users building applications? Remember when we gave the report writer access to users? Real chaos, system performance down to baskets and enough complains to kill any help desk, the IT departments in real panic mode because the business systems slowed to dead. Great article, unfortunately it seems that some have bought the hype and we will go through all the steps again.

AOP or whatever

AOP is good for security because it separates. Nothing new here, it is an age old paradigm to separate and to reuse. Now you can reuse tested methods, used to be functions/procedures before the new names and acronyms were invented. And if done right that's all you can use until a new is needed, tested, authorized to libraries/objects/what ever. AOP (IMHO) makes life easier except maybe to the persons writing the methods who have to make sure they are safe and work but that's how it has always been so, again, nothing new here. And it is not Java only, AOP can be done on any language, don't restrict yourself. have fun.

Much needed

This is great news and looking DMTF track record it may even be usable. And speaking about DMTF it may even be a manageable architecture easily adapted to systems management environment, I hope. I would recommend everyone to check their web site.

Stll wondering

Wouldn't it have been cheaper for TJX to hire a good information / security person responsible to prevent this. Maybe not - I see this all over, sorry, it seems that companies never learn AND this comes of a long ( 30 ) years in systems business. Is it really too expensive to hire people who know what to do ?

Right way

Nice to see people like Buxton working for MS ( or any other company ) He is promoting KISS and that what counts. After my years in computer business I'm a little tired fixing problems caused by "new and better" but much more complicated inventions which do just the same with ten times more work needed. Agreed - "New product is needed and that's where we are bad as an industry - we don't have any design up front.", NO design just using new tools and toys designed by someone else.

Weird..

I see the comments back to 80's, weird, this was one of our backup plans and tested in 70's, just shows my age, have a nice day, tuomo

about your comment.

Hi - I both agree and disagree your comment, it is too simplified. ITIL is great as are SOA, SDLC, XP, agile, etc. Unfortunately for most business they are just words, something to attach to reports. ITIL is very nice framework but there is no fixed model that fits in all cases. And nothing new here, any and all these methods / architectures were used a log time ago, they just didn't have names attached. Weird, it has been known a long time that following some organized way to do things is good for both business and IT as long as they work together and we still need someone to tell us how ?