Musings

USENIX

by Rik Farrow
<rik@spirit.com>

Rik Farrow provides UNIX and Internet security consulting and training. He is the author of UNIX System Security and System Administrator's Guide to System V.


Ye gods! Not long ago, someone called me an "old geezer." I'm not even 50 yet, although the gray in my sideburns makes me look older than I am (right?). Nor do I feel as old as other real UNIX old-timers, who actually worked with UNIX in the 1970s. Dave Korn presented two slides during the NT conference that listed all the operating systems he had worked with before he was exposed to NT. My experiences with computers have been much more modest, and even humorous at times.

For example, I was in sixth grade the first time I got to touch a computer. As part of a science fair project, I was taken to a computer center in Rockville, Maryland, and allowed to marvel at the huge machines: disk drives the size of washing machines, whirring drums, refrigerator-sized magnetic tape drives, and a central processing unit with neon display lights showing the current address and data on the busses. As we were leaving, the operator stopped us. He had something he wanted to show us that he felt would really impress us. He loaded a deck of punched cards, and a tinny speaker on the side of the console started to play music. Pretty impressive.

Actually, I was impressed. I imagined having my own computer someday, which would of course take up an entire floor. Later, I think I appreciated the filtered, dry, air-conditioned air in the computer room as much as I appreciated the computer. The project I was assigned was to write a statistical program in IBM assembler. I balked. It was the concept of floating point routines that really had me floored.

Bootstrap

When I finished my freshman year of college, I got a summer intern position with General Electric in Bethesda, Maryland. I was the program librarian's assistant and not required to do any programming. But I did get to operate the mainframe, an early, dual-processor GE 275. It took about as long to boot as my NT system today, but was much more interesting. First, you manually loaded two punched cards that were coded in binary (not Hollerith) and called "lace cards" because of all the holes. These cards contained the program that would then load the rest of a card deck (about 200 cards). That program would start the terminal controller, which read a paper tape and provided a program that could read a magnetic tape. The magnetic tape actually contained the operating system, which, when loaded into core, finished by copying utilities onto the hard drives. This took about five minutes.

Well, yes, NT gets the old, 66 MHz 486, so it does take a while to load (especially when you include starting up the desktop).

College programming classes in those days required the use of punched cards. Students were required to wait in line in basement rooms until a keypunch, an IBM innovation, was available. Then they could punch in the text of the programs in their assignments. Keypunching required precise typing; you could not backspace, but had to retype any card (one line of a program) with a single error in it. You submitted the completed deck to the priests running the mainframe, and the results, in the form of a 14-inch-wide printout wrapped around the card deck, would arrive several hours later. If you were lucky, this would include a core dump, which would provide you with clues about what went wrong. Then you could go through the process again. A single typo could cost you from three to as many as 18 hours (at semester's end) of elapsed time.

Among the disadvantages of card decks was the potential for dropping them. Bent cards were a problem, but this was nothing compared to putting a deck of several hundred or more cards back into perfect order.

Crash

I went back to the university for a couple of courses in 1978. People were still using punched cards, but you then had the option of using DECwriters - 300 baud teletypewriters, very advanced. There were one or two "glass terminals," but they were a bit scary, and there was no hard copy allowing you to review your command history.

My most embarrassing moment came at the beginning of the semester. We were to enter an assembly program for a lab DEC PDP-11 computer from a listing, and I naively had entered the octal memory locations along with the assembler code. Duh! Well, I can fix that, I thought, just a little quick substitution using the line editor. I hit return, and nothing happened. Soon other people began to get up and walk away from their terminals, and I began to look closer at the command I had just entered. Instead of deleting the first column of numbers, I had entered a recursive command that would "never" end. I had crashed the mainframe.

I have often wanted a front panel for my computers. Something about being able to enter machine code in binary, and to watch lights flicker as a program executes, still grabs my fancy. Then again, my desktop machine is about a thousand times faster than that 1960s mainframe I remember fondly, and the lights wouldn't even appear to flicker. Perhaps that PDP-11 emulator that will run under UNIX could use a front panel?

Crystal Ball Redux

Another year has ended. I just reread the column I wrote at this time last year and can't say I was displeased. As predicted, I have been forced to learn more about NT and still can't say I like it. Although I am impressed by some aspects of NT, an operating system and applications hegemony written by a "team" of 8,000 programmers suffers, not surprisingly, from a lack of consistency. And can anyone be surprised to hear that the release of NT 5.0 has been delayed, likely to 1999?

I mentioned that I expected microkernels to be on the ascendant. I have learned about how the design of Mach influenced the designers of NT, in particular, in the area of using subsystems to provide support for several APIs. I also feel vindicated in learning that Sun has purchased Chorus, the major microkernel vendor. Although the current code base for Sun's Network Computer has been Solaris, I fully expect a microkernel design in the near future.

Java has been plugging along, enmeshed in the politics of "standards." Sun, for its own reasons, wants to maintain ownership of the Java standard - something I really don't fault, because they have played pretty fairly so far. Microsoft is being sued by Sun to remove the Java branding from Internet Explorer; Netscape has already removed the branding because it fails total compatibility in four small areas in version 4.0. But I can sense the groundswell of support growing for Java among large commercial users who are attracted to its write-once-use-anywhere promise, reusable components, and fear of Microsoft.

Superhighway

IPv6 is in its early implementation stage. The 6bone exists, and router vendors are beginning to support IPv6, although I have yet to hear of a large commercial installation using it for anything other than small-scale testing.

The Internet had several meltdowns this year, including Network Systems butchering the root nameservers and UUNET throwing monkey wrenches into its own backbone routing tables. Nobody even talks anymore about the growth of the Internet; it is just accepted as commonplace, without reliable quality of service, and not apt to be replaced by anything anytime soon. One bright spark on the horizon for organizations will be DSL, a means of using pairs of the telcos' copper wire loops to support digital transmission of up to 6 megabits per second.

Intrusion Detection Systems (IDS) have become the rage. Although they will be great at augmenting firewalls and watching internal security, another trend will make them less useful. We are moving away from broadcast-style networks to switched networks. Using switching means that each host has a "private line," instead of a shared medium, for communicating, with the switch acting as mediator and buffer. This means that the IDS people cannot attach to a network and listen to all the traffic, looking for intrusion signatures or unusual behavior. At best, they can monitor individual ports or the connection between backbone routers.

I am still waiting for the laptop of my dreams. It will have a real keyboard, decent-sized display, eight hours of battery life, and weigh less than two pounds. And it won't run Windows or Windows Lite (CE) or worry about supporting Microsoft products. I need to respond to email, take notes, and use the Internet while travelling. I don't need a $5,000 multimedia-faster-than-a-desktop-hunk laptop with a battery life of 40 minutes. But then, I still use vi for "word processing."

Speaking of MS products, I was forced last year to use an LCD projector instead of overheads for a course I was teaching. The expectation is that everyone who presents uses a Microsoft product - the same one that began controlling itself several times during the NT conference, much to my amusement. I decided to convert my troff-formatted course notes into a simple HTML document, which could then be displayed using Netscape. This worked well, although someone complained that he could still see the browser's controls (unlike MS Presents, which hides everything until you need to restart the presentation). I think a great slide presentation program could be based upon classes taken from the HotJava browser or something like it.

One Potato, Two Potato

And while gazing into my crystal ball, I like to muse about the Microsoft Worm. Nope, probably hasn't happened yet. But as the number of installed NT servers reaches a critical mass, another Internet Worm-like incident will become likely. Just like the Irish potato famine was caused by reliance on just two species of potatoes, having lots of identical servers, internally complex beyond accurate documentation, can lead to a very interesting security meltdown.

Life is interesting, I am traveling less (thank God), and I still find myself looking forward to new developments. I hope the new year finds you better off than last year and also looking forward to the future.

 

First posted: 4th February 1998 efc
Last changed: 4th February 1998 efc