LMF Licence Generator Code

1447 views
Skip to first unread message

Lawrence D’Oliveiro

unread,
Aug 5, 2021, 12:55:23 AMAug 5
to
I had a look at the original pakgen.c source from mirrors.pdp-11.ru. I get the impression somebody disassembled a bunch of VAX machine language, then did a straight transliteration into C code.

So I thought I would clean it up a bit. And I managed to knock its size down by a couple hundred lines. I also wrote a Python version, which is less than half the size of the original, and also add a few features. For example, I was able to add the HARDWARE_ID, TOKEN and VERSION atttributes by guessing at their codes. So far I haven’t been able to figure out the RELEASE_DATE and TERMINATION_DATE attributes, most likely because I can’t get the right date-encoding format.

E Thump

unread,
Aug 5, 2021, 9:50:55 AMAug 5
to
On Thursday, August 5, 2021 at 5:55:23 AM UTC+1, Lawrence D’Oliveiro wrote:
> I had a look at the original pakgen.c source from mirrors.pdp-11.ru. I get the impression somebody disassembled a bunch of VAX machine language, then did a straight transliteration into C code.
>
> So I thought I would clean it up a bit. And I managed to knock its size down by a couple hundred lines. I also wrote a Python version, which is less than half the size of the original, and also add a few features. For example, I was able to add the HARDWARE_ID, TOKEN and VERSION atttributes by guessing at their codes. So far I haven’t been able to figure out the RELEASE_DATE and TERMINATION_DATE attributes, most likely because I can’t get the right date-encoding format.

Hi - I sent you a message on LinkedIn - I can't find an email address for you.
cheers
e

David Sweeney

unread,
Aug 6, 2021, 9:55:11 AMAug 6
to
It should come as no surprise that creating a hacked version of pakgen to generate license PAKs for any VMS or OpenVMS product is not legal. The webmaster of the mirroring site has been contacted to remove the pakgen source from the site. Lawrence, whether or not the site removes the code you cannot use or share PAKGEN hack you are creating.

Dave Sweeney

jimc...@gmail.com

unread,
Aug 6, 2021, 5:23:06 PMAug 6
to
On Friday, August 6, 2021 at 6:55:11 AM UTC-7, dsweene...@gmail.com wrote:
> It should come as no surprise that creating a hacked version of pakgen to generate license PAKs for any VMS or OpenVMS product is not legal. The webmaster of the mirroring site has been contacted to remove the pakgen source from the site. Lawrence, whether or not the site removes the code you cannot use or share PAKGEN hack you are creating.
>
> Dave Sweeney

Versions of PAKGEN.C are available all over the Internet in various forums. Even if the mirrors site removes it, the cat is out of the bag there.

In many (most?) jurisdictions, it's also perfectly legal to author, refactor, and share code like PAKGEN. You're not in a position to tell Lawrence whether or not he can share that code.

Lawrence D’Oliveiro

unread,
Aug 6, 2021, 6:15:03 PMAug 6
to
By the way, some people seem to be under the impression that LMF is/was some kind of copyright enforcement tool. DEC’s own documentation made it clear this was not the intention.

Bob Eager

unread,
Aug 6, 2021, 6:40:08 PMAug 6
to
He *can* share anything he likes. Whether he should, and whether it is
legal (which it will be in many jurisdictions) is a separate matter.

But that's up to him.
--
My posts are my copyright and if @diy_forums or Home Owners' Hub
wish to copy them they can pay me £1 a message.
Use the BIG mirror service in the UK: http://www.mirrorservice.org
*lightning surge protection* - a w_tom conductor

Phillip Helbig (undress to reply)

unread,
Aug 6, 2021, 6:56:58 PMAug 6
to
In article <47e66171-ea70-40e4...@googlegroups.com>,
"jimc...@gmail.com" <jimc...@gmail.com> writes:

> In many (most?) jurisdictions, it's also perfectly legal to author,
> refactor, and share code like PAKGEN.

Perhaps. But is it legal to use it? In any case, a reference would be
helpful. I doubt that VSI or anyone else would bother generating
licenses if it were perfectly legal to create one's own.

Phillip Helbig (undress to reply)

unread,
Aug 6, 2021, 6:58:45 PMAug 6
to
In article <3d90d9d7-99d3-404e...@googlegroups.com>,
DEC's documentation never said that it was OK to use something like a
rogue tool to generate a license to avoid buying a real one. Also,
apart from both having to do with intellectual property, licenses and
copyright have little in common.

Simon Clubley

unread,
Aug 6, 2021, 8:41:20 PMAug 6
to
Even _if_ that is the case Jim, this situation could provoke
a strong response from VSI.

For example, VSI are very clearly in a mindset that's all about
collecting ongoing revenue from the users and making sure the
users don't try "cheating".

As such, I would not be surprised to find out that VSI are
considering implementing a much stronger version of the LMF for
the x86-64 VMS production versions.

Right now would be an ideal time to implement such a change as there
are no production licences for x86-64 VMS at the moment, so there are
no backwards compatibility issues if they implement a replacement
right now.

They could take a signed licence keys approach and later on
actually implement signed images in VMS that cannot be tampered
with to patch out the licence checks. The days when you had to
support manually entering a licence key have probably passed.

BTW, if VSI do that, you will not be able to patch the resulting
images to bypass the licence checks on the time-limited licences
if VSI do go bust.

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.

Dave Froble

unread,
Aug 6, 2021, 9:00:12 PMAug 6
to
On 8/6/2021 8:41 PM, Simon Clubley wrote:
> On 2021-08-06, jimc...@gmail.com <jimc...@gmail.com> wrote:
>> On Friday, August 6, 2021 at 6:55:11 AM UTC-7, dsweene...@gmail.com wrote:
>>> It should come as no surprise that creating a hacked version of pakgen to generate license PAKs for any VMS or OpenVMS product is not legal. The webmaster of the mirroring site has been contacted to remove the pakgen source from the site. Lawrence, whether or not the site removes the code you cannot use or share PAKGEN hack you are creating.
>>>
>>> Dave Sweeney
>>
>> Versions of PAKGEN.C are available all over the Internet in various forums. Even if the mirrors site removes it, the cat is out of the bag there.
>>
>> In many (most?) jurisdictions, it's also perfectly legal to author, refactor, and share code like PAKGEN. You're not in a position to tell Lawrence whether or not he can share that code.
>
> Even _if_ that is the case Jim, this situation could provoke
> a strong response from VSI.
>
> For example, VSI are very clearly in a mindset that's all about
> collecting ongoing revenue from the users and making sure the
> users don't try "cheating".

The first part of that is reasonable and how things must be if VSI and
VMS are going to be around for a while.

The second part is unreasonable paranoia. Who and where are these
"cheaters"? I don't know of any. Does anyone? Most of us are just
happy that VSI is there to support us, and we understand they need
revenue to do so. Which is why I prefer they have recurring revenue
rather than one time license sales.

--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: da...@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486

Simon Clubley

unread,
Aug 6, 2021, 9:08:27 PMAug 6
to
If VSI were not worried about such things, they would not be
implementing time-limited licences on production machines.

Whether they are actually _right_ to be worried about such things
is a question I cannot answer.

Phillip Helbig (undress to reply)

unread,
Aug 7, 2021, 4:21:38 AMAug 7
to
In article <seklum$7q3$1...@dont-email.me>, Dave Froble
<da...@tsoft-inc.com> writes:

> The second part is unreasonable paranoia. Who and where are these
> "cheaters"? I don't know of any. Does anyone? Most of us are just
> happy that VSI is there to support us, and we understand they need
> revenue to do so. Which is why I prefer they have recurring revenue
> rather than one time license sales.

I don't know, but the fact that one can find such things on the net
shows that there must be some interest, and obviously cheaters would not
publicize that fact.

But if cheaters were a non-problem, why have LMF at all?

Bob Eager

unread,
Aug 7, 2021, 5:20:08 AMAug 7
to
On Sat, 07 Aug 2021 08:21:34 +0000, Phillip Helbig (undress to reply)
wrote:
I always thought that the primary purpose of LMF was a 'light touch' way
of making sure that compaies kept up with their licensing, even if the
company was a bit disorganised.

Why on earth HP couldn't have generated perpetual PAKs for VAX, I don't
know. Incompetence is by far the most likely reason - well, and
disinterest.

Bill Gunshannon

unread,
Aug 7, 2021, 7:59:44 AMAug 7
to
I agree with this entirely. It is not cheaters that VSI needs to
fear it is management who come out of MBA school with no knowledge
of anything not Microsoft or Linux and will see moving from VMS to
one of those as "modernization" of a legacy system. Go read some
of the stuff on LinkedIn about "Legacy Systems". Not specifically
about VMS but the attitude is even if it still does the job if it
is old (ie. COBOL) it is bad and a problem. I recently saw an article
that blamed delays processing one of the government handouts on the
fact that the system is written in COBOL. I am sure that when it
comes time to replace a VMS system they will offer VAX benchmarks
as proof that VMS is just a dog that needs to be put out of its
misery.

bill

Bill Gunshannon

unread,
Aug 7, 2021, 8:03:25 AMAug 7
to
I suspect that it is "Hobbyists" that are and are likely to continue
using pakgen.c. I doubt any legitimate business would as the legal
implications (even without VSI being involved) as a serious concern.
You don't think the auditors or legal department would be looking at
this?

>
> But if cheaters were a non-problem, why have LMF at all?
>

Because it was already in the code they got and removing it might be
problematic at the moment.

bill

Bill Gunshannon

unread,
Aug 7, 2021, 8:04:24 AMAug 7
to
On 8/7/21 5:20 AM, Bob Eager wrote:
> On Sat, 07 Aug 2021 08:21:34 +0000, Phillip Helbig (undress to reply)
> wrote:
>
>> In article <seklum$7q3$1...@dont-email.me>, Dave Froble
>> <da...@tsoft-inc.com> writes:
>>
>>> The second part is unreasonable paranoia. Who and where are these
>>> "cheaters"? I don't know of any. Does anyone? Most of us are just
>>> happy that VSI is there to support us, and we understand they need
>>> revenue to do so. Which is why I prefer they have recurring revenue
>>> rather than one time license sales.
>>
>> I don't know, but the fact that one can find such things on the net
>> shows that there must be some interest, and obviously cheaters would not
>> publicize that fact.
>>
>> But if cheaters were a non-problem, why have LMF at all?
>
> I always thought that the primary purpose of LMF was a 'light touch' way
> of making sure that compaies kept up with their licensing, even if the
> company was a bit disorganised.
>
> Why on earth HP couldn't have generated perpetual PAKs for VAX, I don't
> know. Incompetence is by far the most likely reason - well, and
> disinterest.

My vote would be for disinterest.

bill


Arne Vajhøj

unread,
Aug 7, 2021, 2:43:21 PMAug 7
to
I have always seen LMF and VMS software license check not as protection
against software piracy but as assistance to those managing licenses.
It is possible to see what licenses are there. It is possible to see
units and expiration dates. Software stop working in case someone forget
to renew licenses, which will make someone notice it.

Arne




Phillip Helbig (undress to reply)

unread,
Aug 7, 2021, 4:33:17 PMAug 7
to
In article <in7b49...@mid.individual.net>, Bill Gunshannon
<bill.gu...@gmail.com> writes:

> >> The second part is unreasonable paranoia. Who and where are these
> >> "cheaters"? I don't know of any. Does anyone? Most of us are just
> >> happy that VSI is there to support us, and we understand they need
> >> revenue to do so. Which is why I prefer they have recurring revenue
> >> rather than one time license sales.
> >
> > I don't know, but the fact that one can find such things on the net
> > shows that there must be some interest, and obviously cheaters would not
> > publicize that fact.
>
> I suspect that it is "Hobbyists" that are and are likely to continue
> using pakgen.c.

That makes little sense, as hobbyist licenses have been available for
the asking for decades.

Bob Eager

unread,
Aug 7, 2021, 4:36:56 PMAug 7
to
On Sat, 07 Aug 2021 20:33:12 +0000, Phillip Helbig (undress to reply)
wrote:
But they haven't been available for some months for VAX, and there will
be no more.

Bill Gunshannon

unread,
Aug 7, 2021, 4:45:09 PMAug 7
to
There have been times when there was no response from HP for
extended periods of time. And, we now have the VAX debacle.
No one is going to audit a Hobbyist System so there is little
if any chance of it becoming a problem.

Production systems on the other hand...

You know, our legal department refused permission to sign
the license for the last Edu Program offered by HP. I
hardly expect they would have allowed generation of our
own licenses using pakgen.c.


bill

Arne Vajhøj

unread,
Aug 7, 2021, 5:56:27 PMAug 7
to
On 8/7/2021 7:59 AM, Bill Gunshannon wrote:
> On 8/6/21 8:59 PM, Dave Froble wrote:
>> The second part is unreasonable paranoia.  Who and where are these
>> "cheaters"?  I don't know of any.  Does anyone?  Most of us are just
>> happy that VSI is there to support us, and we understand they need
>> revenue to do so.  Which is why I prefer they have recurring revenue
>> rather than one time license sales.
>
> I agree with this entirely.

Given that VMS is mostly for professional usage and that
software piracy is not common for professional usage, then
it is not likely that software piracy is a major problem.

>   It is not cheaters that VSI needs to
> fear it is management who come out of MBA school with no knowledge
> of anything not Microsoft or Linux and will see moving from VMS to
> one of those as "modernization" of a legacy system.

If you replace a system with a significantly newer system then
it seems fair to call it a modernization.

One just need to understand that newer does not guarantee
better.

>   Go read some
> of the stuff on LinkedIn about "Legacy Systems".  Not specifically
> about VMS but the attitude is even if it still does the job if it
> is old (ie. COBOL) it is bad and a problem.

Being old is not a problem in itself.

It becomes a problem if:
- it is out of support
- it is hard to find people with skills
- it does not integrate with newer system that it need to
integrate with
- it is expensive to maintain

Arne

Dave Froble

unread,
Aug 7, 2021, 6:40:18 PMAug 7
to
It has occurred to me that VSI should have the opportunity to know who
is using x86 VMS. From the beginning, they implement some sort of
reporting scheme. For VMS to run, it has to check in with VSI. There
may be situations where such is not feasible, but, that can also be handled.

Now, if someone is on VAX, Alpha, or itanic and has a valid HP license,
if they wish to stay there, that could be done. If someone wants to
"cheat" on VAX, Alpha, or itanic, why does VSI care, x86 is their
immediate future.

Bill Gunshannon

unread,
Aug 7, 2021, 6:42:20 PMAug 7
to
On 8/7/21 5:56 PM, Arne Vajhøj wrote:
> On 8/7/2021 7:59 AM, Bill Gunshannon wrote:
>> On 8/6/21 8:59 PM, Dave Froble wrote:
>>> The second part is unreasonable paranoia.  Who and where are these
>>> "cheaters"?  I don't know of any.  Does anyone?  Most of us are just
>>> happy that VSI is there to support us, and we understand they need
>>> revenue to do so.  Which is why I prefer they have recurring revenue
>>> rather than one time license sales.
>>
>> I agree with this entirely.
>
> Given that VMS is mostly for professional usage and that
> software piracy is not common for professional usage, then
> it is not likely that software piracy is a major problem.
>
>>                             It is not cheaters that VSI needs to
>> fear it is management who come out of MBA school with no knowledge
>> of anything not Microsoft or Linux and will see moving from VMS to
>> one of those as "modernization" of a legacy system.
>
> If you replace a system with a significantly newer system then
> it seems fair to call it a modernization.

I quoted modernization because it is usual used as an epithet like
"legacy". It is frequently change for changes sake.


>
> One just need to understand that newer does not guarantee
> better.

And change for changes sake is seldom a good thing.

>
>>                                                       Go read some
>> of the stuff on LinkedIn about "Legacy Systems".  Not specifically
>> about VMS but the attitude is even if it still does the job if it
>> is old (ie. COBOL) it is bad and a problem.
>
> Being old is not a problem in itself.

Being old is never a problem in itself. I'm old and regularly
compete with people less than half my age, successfully.

>
> It becomes a problem if:
> - it is out of support

Lack of support for one part of an IS should not be a reason to
abandon it in its entirety.

> - it is hard to find people with skills

That is a fixable problem.

https://edscoop.com/college-legacy-programming-langauges-grant-bill/


> - it does not integrate with newer system that it need to
>   integrate with

With the exception of Dave's system (I actually know very little
about VMS BASIC) I can think of no legacy system that can not be
integrated into a modern system. I have had no problems doing web
programming with COBOL.

> - it is expensive to maintain

In the case of legacy systems expense is more objective than
subjective. A little research will show how the majority of
these modernization projects usually run way over budget and
seldom accomplish their original goal.

bill


Simon Clubley

unread,
Aug 7, 2021, 7:20:10 PMAug 7
to
On 2021-08-07, Bob Eager <news...@eager.cx> wrote:
>
> I always thought that the primary purpose of LMF was a 'light touch' way
> of making sure that compaies kept up with their licensing, even if the
> company was a bit disorganised.
>

There is a major change between then and now.

Back in those days hardware cost a _lot_ of money. If you had enough
money to buy the hardware, you also had enough money to buy the
software.

These days hardware is cheap compared to the cost of the software.
There is a much stronger motivation for some people to try and
break the licencing so they can run the expensive software on
cheap hardware.

The old LMF is no longer suitable for purpose in this new world
with its different dynamics and I would be absolutely amazed
if VSI were not looking at making the licencing software much
stronger as a result.

Arne Vajhøj

unread,
Aug 7, 2021, 7:23:57 PMAug 7
to
On 8/7/2021 6:40 PM, Dave Froble wrote:
> It has occurred to me that VSI should have the opportunity to know who
> is using x86 VMS.  From the beginning, they implement some sort of
> reporting scheme.  For VMS to run, it has to check in with VSI.  There
> may be situations where such is not feasible, but, that can also be
> handled.

In general such requiring internet access or as a fallback a
phone call is not popular with users.

And if there is little cheating then VSI already knows
the user base because they know what licenses has been
issued.

Arne

Simon Clubley

unread,
Aug 7, 2021, 7:23:59 PMAug 7
to
On 2021-08-07, Bill Gunshannon <bill.gu...@gmail.com> wrote:
>
> I suspect that it is "Hobbyists" that are and are likely to continue
> using pakgen.c. I doubt any legitimate business would as the legal
> implications (even without VSI being involved) as a serious concern.
> You don't think the auditors or legal department would be looking at
> this?
>

Before Windows online activation was created, how many people reused
the same licence key on different PCs ? In other words, how many people
had more PCs than licences for the software which ran on them ?

Simon Clubley

unread,
Aug 7, 2021, 7:26:26 PMAug 7
to
On 2021-08-07, Bob Eager <news...@eager.cx> wrote:
>
> But they haven't been available for some months for VAX, and there will
> be no more.
>

The final hobbyist VAX licences (and HPE Alpha VMS licences) expire
at the end of this year. The final licences were given an extra year
to run.

Arne Vajhøj

unread,
Aug 7, 2021, 7:27:46 PMAug 7
to
On 8/7/2021 7:20 PM, Simon Clubley wrote:
> On 2021-08-07, Bob Eager <news...@eager.cx> wrote:
>> I always thought that the primary purpose of LMF was a 'light touch' way
>> of making sure that compaies kept up with their licensing, even if the
>> company was a bit disorganised.
>
> There is a major change between then and now.
>
> Back in those days hardware cost a _lot_ of money. If you had enough
> money to buy the hardware, you also had enough money to buy the
> software.
>
> These days hardware is cheap compared to the cost of the software.
> There is a much stronger motivation for some people to try and
> break the licencing so they can run the expensive software on
> cheap hardware.
>
> The old LMF is no longer suitable for purpose in this new world
> with its different dynamics and I would be absolutely amazed
> if VSI were not looking at making the licencing software much
> stronger as a result.

Why?

Strong license checks is a home computer software thing.

In the professional market there is not much need. Relative
few cheat. And the usual way to check against cheating
is a software license audit.

Arne

Simon Clubley

unread,
Aug 7, 2021, 7:28:39 PMAug 7
to
On 2021-08-07, Arne Vajhøj <ar...@vajhoej.dk> wrote:
> On 8/7/2021 7:59 AM, Bill Gunshannon wrote:
>> On 8/6/21 8:59 PM, Dave Froble wrote:
>>> The second part is unreasonable paranoia.  Who and where are these
>>> "cheaters"?  I don't know of any.  Does anyone?  Most of us are just
>>> happy that VSI is there to support us, and we understand they need
>>> revenue to do so.  Which is why I prefer they have recurring revenue
>>> rather than one time license sales.
>>
>> I agree with this entirely.
>
> Given that VMS is mostly for professional usage and that
> software piracy is not common for professional usage, then
> it is not likely that software piracy is a major problem.
>

What about some people reusing licence keys for some Microsoft Windows
and Windows applications before online activation was implemented ?

Arne Vajhøj

unread,
Aug 7, 2021, 7:29:44 PMAug 7
to
On 8/7/2021 7:23 PM, Simon Clubley wrote:
> Before Windows online activation was created, how many people reused
> the same licence key on different PCs ? In other words, how many people
> had more PCs than licences for the software which ran on them ?

Among the home PC build it yourself enthusiasts: millions.

But that is not the market VMS is into.

Arne


Arne Vajhøj

unread,
Aug 7, 2021, 7:30:31 PMAug 7
to
On 8/7/2021 7:28 PM, Simon Clubley wrote:
> On 2021-08-07, Arne Vajhøj <ar...@vajhoej.dk> wrote:
>> On 8/7/2021 7:59 AM, Bill Gunshannon wrote:
>>> On 8/6/21 8:59 PM, Dave Froble wrote:
>>>> The second part is unreasonable paranoia.  Who and where are these
>>>> "cheaters"?  I don't know of any.  Does anyone?  Most of us are just
>>>> happy that VSI is there to support us, and we understand they need
>>>> revenue to do so.  Which is why I prefer they have recurring revenue
>>>> rather than one time license sales.
>>>
>>> I agree with this entirely.
>>
>> Given that VMS is mostly for professional usage and that
>> software piracy is not common for professional usage, then
>> it is not likely that software piracy is a major problem.
>
> What about some people reusing licence keys for some Microsoft Windows
> and Windows applications before online activation was implemented ?

What about that?

Home usage <> professional usage.

Arne

Simon Clubley

unread,
Aug 7, 2021, 7:35:14 PMAug 7
to
On 2021-08-07, Dave Froble <da...@tsoft-inc.com> wrote:
>
> It has occurred to me that VSI should have the opportunity to know who
> is using x86 VMS. From the beginning, they implement some sort of
> reporting scheme. For VMS to run, it has to check in with VSI. There
> may be situations where such is not feasible, but, that can also be handled.
>

SOD THAT !!!!!

That raises all kinds of security and denial of service issues.

People could be persuaded to allow this for a one-time licence
activation process but there's no way that many people are going
to allow that on an ongoing basis as part of the boot process and
then stop the boot if the check in with VSI fails.

What happens if you have external communications down ?

What happens if VSI have system availability issues ?

What happens if VSI goes bust ?

Simon Clubley

unread,
Aug 7, 2021, 7:40:02 PMAug 7
to
So you are saying that businesses never reused Windows and Windows
applications licence keys before Windows activation was invented ?

Arne Vajhøj

unread,
Aug 7, 2021, 7:40:51 PMAug 7
to
On 8/7/2021 6:42 PM, Bill Gunshannon wrote:
> On 8/7/21 5:56 PM, Arne Vajhøj wrote:
>> On 8/7/2021 7:59 AM, Bill Gunshannon wrote:
>>>                                                       Go read some
>>> of the stuff on LinkedIn about "Legacy Systems".  Not specifically
>>> about VMS but the attitude is even if it still does the job if it
>>> is old (ie. COBOL) it is bad and a problem.
>>
>> Being old is not a problem in itself.
>
> Being old is never a problem in itself.  I'm old and regularly
> compete with people less than half my age, successfully.
>
>> It becomes a problem if:
>> - it is out of support
>
> Lack of support for one part of an IS should not be a reason to
> abandon it in its entirety.

If that part cannot be replaced: yes it is.

And even if that part can be replaced then the question is at what
cost compared top the replacement. And it also raises the question
about whether other parts will go out of support soon.

>> - it is hard to find people with skills
>
> That is a fixable problem.
>
> https://edscoop.com/college-legacy-programming-langauges-grant-bill/

That is a good proposal.

But do you expect serious companies to base their future on that
such a bill get approved, that funding will continue in the future
and that students will be interested?

>> - it does not integrate with newer system that it need to
>>    integrate with
>
> With the exception of Dave's system (I actually know very little
> about VMS BASIC) I can think of no legacy system that can not be
> integrated into a modern system.  I have had no problems doing web
> programming with COBOL.

Anything can be somewhat integrated using various hacks.

But good integration will often be either impossible or
expensive.

>> - it is expensive to maintain
>
> In the case of legacy systems expense is more objective than
> subjective.  A little research will show how the majority of
> these modernization projects usually run way over budget and
> seldom accomplish their original goal.

Huge IT projects are in general risky.

Migration projects are no exception.

Arne




Arne Vajhøj

unread,
Aug 7, 2021, 7:53:30 PMAug 7
to
On 8/7/2021 7:40 PM, Simon Clubley wrote:
> On 2021-08-07, Arne Vajhøj <ar...@vajhoej.dk> wrote:
>> On 8/7/2021 7:28 PM, Simon Clubley wrote:
>>>
>>> What about some people reusing licence keys for some Microsoft Windows
>>> and Windows applications before online activation was implemented ?
>>
>> What about that?
>>
>> Home usage <> professional usage.
>
> So you are saying that businesses never reused Windows and Windows
> applications licence keys before Windows activation was invented ?

That must have been pretty rare.

Companies in general do not want to base their business on
software piracy.

BTW, corporate Windows PC's does not activate Windows
licenses like home PC's does. MS licenses are a jungle, but
my understanding of current practice is that there are
MAK licenses where the same license can be activated multiple times
similar way as home PC's and KMS where PC's activate from
corporate KMS server without talking to MS.

Arne


Bill Gunshannon

unread,
Aug 7, 2021, 8:05:18 PMAug 7
to
On 8/7/21 7:23 PM, Simon Clubley wrote:
> On 2021-08-07, Bill Gunshannon <bill.gu...@gmail.com> wrote:
>>
>> I suspect that it is "Hobbyists" that are and are likely to continue
>> using pakgen.c. I doubt any legitimate business would as the legal
>> implications (even without VSI being involved) as a serious concern.
>> You don't think the auditors or legal department would be looking at
>> this?
>>
>
> Before Windows online activation was created, how many people reused
> the same licence key on different PCs ?

In home use, I am sure a few. But being as every box bought by
none geeks came with a copy of the current Windows OS what reason
would people have had?



> In other words, how many people
> had more PCs than licences for the software which ran on them ?

I suspect not as many as you would like to think. See the reason above.

And between home and office it is like hobbyist and production.
While there may be some in home use (but I suspect less than
you might be hoping for to support your argument) among office
systems I expect the number is a statistically insignificant
number greater than zero.

I am a geek and all of my Windows systems (a dwindling number lately)
have been legitimately licensed and that includes the 98, NT and 2000
systems I still play with.

bill

Bill Gunshannon

unread,
Aug 7, 2021, 8:06:35 PMAug 7
to
I suspect that most of the home PC build it yourself market are
not running Windows at all but Linux, BSD or something else.

bill

Bill Gunshannon

unread,
Aug 7, 2021, 8:08:27 PMAug 7
to
On 8/7/21 7:35 PM, Simon Clubley wrote:
> On 2021-08-07, Dave Froble <da...@tsoft-inc.com> wrote:
>>
>> It has occurred to me that VSI should have the opportunity to know who
>> is using x86 VMS. From the beginning, they implement some sort of
>> reporting scheme. For VMS to run, it has to check in with VSI. There
>> may be situations where such is not feasible, but, that can also be handled.
>>
>
> SOD THAT !!!!!
>
> That raises all kinds of security and denial of service issues.
>
> People could be persuaded to allow this for a one-time licence
> activation process but there's no way that many people are going
> to allow that on an ongoing basis as part of the boot process and
> then stop the boot if the check in with VSI fails.
>
> What happens if you have external communications down ?
>
> What happens if VSI have system availability issues ?
>
> What happens if VSI goes bust ?
>

What happens if your on SIPRnet? :-)

bill


Bill Gunshannon

unread,
Aug 7, 2021, 8:24:21 PMAug 7
to
On 8/7/21 7:40 PM, Arne Vajhøj wrote:
> On 8/7/2021 6:42 PM, Bill Gunshannon wrote:
>> On 8/7/21 5:56 PM, Arne Vajhøj wrote:
>>> On 8/7/2021 7:59 AM, Bill Gunshannon wrote:
>>>>                                                       Go read some
>>>> of the stuff on LinkedIn about "Legacy Systems".  Not specifically
>>>> about VMS but the attitude is even if it still does the job if it
>>>> is old (ie. COBOL) it is bad and a problem.
>>>
>>> Being old is not a problem in itself.
>>
>> Being old is never a problem in itself.  I'm old and regularly
>> compete with people less than half my age, successfully.
>>
>>> It becomes a problem if:
>>> - it is out of support
>>
>> Lack of support for one part of an IS should not be a reason to
>> abandon it in its entirety.
>
> If that part cannot be replaced: yes it is.

If your running a VAX then it might be a problem. But, believe it
or not, most legacy systems are not running on old or non-existant
hardware. VMS being the main exception. :-)

>
> And even if that part can be replaced then the question is at what
> cost compared top the replacement. And it also raises the question
> about whether other parts will go out of support soon.

As has been stated here numerous times in the past, unless you are
running custom hardware and doing things like device control this
is not likely to be a problem. let's limit this to the kind of
things VMS is actually used for in most cases.

>
>>> - it is hard to find people with skills
>>
>> That is a fixable problem.
>>
>> https://edscoop.com/college-legacy-programming-langauges-grant-bill/
>
> That is a good proposal.
>
> But do you expect serious companies to base their future on that
> such a bill get approved,

I have little doubt that it will be approved. Financially it is a
totally non-apparent bump in the budget.

> that funding will continue in the future

That will depend on whether or not academia decides to swallow their
pride and get behind the idea. I am doing what I can to try and help
it, but for totally non-technical reasons it is going to be a hard sell.

> and that students will be interested?

I had students interested in legacy systems when I still worked at
the University even with members of the faculty attacking much of
what I was selling.

>
>>> - it does not integrate with newer system that it need to
>>>    integrate with
>>
>> With the exception of Dave's system (I actually know very little
>> about VMS BASIC) I can think of no legacy system that can not be
>> integrated into a modern system.  I have had no problems doing web
>> programming with COBOL.
>
> Anything can be somewhat integrated using various hacks.

I needed no hacks to get COBOL running on the web. It's a mindset
problem, not a technical one.

>
> But good integration will often be either impossible or
> expensive.

I would like to see examples of this, Real ones, not some of the
typical contrived examples I usually see where the target moves
with every new iteration. There are a lot of modern, used everyday
ISes that are based on what are called legacy systems and languages.
MOst of the users never notice.

>
>>> - it is expensive to maintain
>>
>> In the case of legacy systems expense is more objective than
>> subjective.  A little research will show how the majority of
>> these modernization projects usually run way over budget and
>> seldom accomplish their original goal.
>
> Huge IT projects are in general risky.
>
> Migration projects are no exception.
>

Which is all the more reason to stay the course and clearly
understand "modernization" before you start throwing terms
around. A COBOL IS running on a PDP-11 or TOPS system does
not need a new language. Re-writting it in Java or C# or
even Python will get you nothing but a potential for new
bugs, inefficiencies and business logic problems.

bill

Bill Gunshannon

unread,
Aug 7, 2021, 8:27:49 PMAug 7
to
On 8/7/21 7:40 PM, Simon Clubley wrote:
> On 2021-08-07, Arne Vajhøj <ar...@vajhoej.dk> wrote:
>> On 8/7/2021 7:28 PM, Simon Clubley wrote:
>>>
>>> What about some people reusing licence keys for some Microsoft Windows
>>> and Windows applications before online activation was implemented ?
>>
>> What about that?
>>
>> Home usage <> professional usage.
>>
>
> So you are saying that businesses never reused Windows and Windows
> applications licence keys before Windows activation was invented ?
>

Highly unlikely. Legal would have people fired for that. And,
it would be totally unnecessary as the cost is a write-off like
the phone bill, the purchase of the computer, etc. etc. etc.

bill

Dave Froble

unread,
Aug 7, 2021, 10:17:44 PMAug 7
to
On 8/7/2021 7:35 PM, Simon Clubley wrote:
> On 2021-08-07, Dave Froble <da...@tsoft-inc.com> wrote:
>>
>> It has occurred to me that VSI should have the opportunity to know who
>> is using x86 VMS. From the beginning, they implement some sort of
>> reporting scheme. For VMS to run, it has to check in with VSI. There
>> may be situations where such is not feasible, but, that can also be handled.
>>
>
> SOD THAT !!!!!

I didn't say it would be a good idea, it was just something I thought
of. Something like that would have been much harder (or impossible) in
the 1970s and 1980s. But today, the concept of always knowing who is
running VMS might be interesting.

Perhaps it would require all VSI employees to have a top secret clearance.

:-)

> That raises all kinds of security and denial of service issues.

Perhaps, and perhaps there would be solutions.

> People could be persuaded to allow this for a one-time licence
> activation process but there's no way that many people are going
> to allow that on an ongoing basis as part of the boot process and
> then stop the boot if the check in with VSI fails.

Maybe it would not stop booting and running?

> What happens if you have external communications down ?

Phone call? Oh, wait, phones are "communications".

> What happens if VSI have system availability issues ?

Phone call?

> What happens if VSI goes bust ?

Seems like we already got that ...


Instead of complaining, why don't you think of possible solutions.
Don't bring me problems, bring me solutions.

Dave Froble

unread,
Aug 7, 2021, 10:26:12 PMAug 7
to
On 8/7/2021 7:40 PM, Arne Vajhøj wrote:
> On 8/7/2021 6:42 PM, Bill Gunshannon wrote:
>> On 8/7/21 5:56 PM, Arne Vajhøj wrote:
>>> On 8/7/2021 7:59 AM, Bill Gunshannon wrote:
>>>> Go read some
>>>> of the stuff on LinkedIn about "Legacy Systems". Not specifically
>>>> about VMS but the attitude is even if it still does the job if it
>>>> is old (ie. COBOL) it is bad and a problem.
>>>
>>> Being old is not a problem in itself.
>>
>> Being old is never a problem in itself. I'm old and regularly
>> compete with people less than half my age, successfully.

Wrestling?

:-)

>>> It becomes a problem if:
>>> - it is out of support
>>
>> Lack of support for one part of an IS should not be a reason to
>> abandon it in its entirety.
>
> If that part cannot be replaced: yes it is.

Anything can be replaced. The required effort may or may not be excessive.

> And even if that part can be replaced then the question is at what
> cost compared top the replacement. And it also raises the question
> about whether other parts will go out of support soon.

Vs the cost of doing a replacement?

>>> - it is hard to find people with skills
>>
>> That is a fixable problem.
>>
>> https://edscoop.com/college-legacy-programming-langauges-grant-bill/
>
> That is a good proposal.
>
> But do you expect serious companies to base their future on that
> such a bill get approved, that funding will continue in the future
> and that students will be interested?

Students are interested in getting jobs.

Now, the damn educators who think they know everything, maybe they
should not have jobs.

>>> - it does not integrate with newer system that it need to
>>> integrate with
>>
>> With the exception of Dave's system (I actually know very little
>> about VMS BASIC) I can think of no legacy system that can not be
>> integrated into a modern system. I have had no problems doing web
>> programming with COBOL.

Basic is no different than any other language.

> Anything can be somewhat integrated using various hacks.
>
> But good integration will often be either impossible or
> expensive.

BULLSHIT !!!!

>>> - it is expensive to maintain
>>
>> In the case of legacy systems expense is more objective than
>> subjective. A little research will show how the majority of
>> these modernization projects usually run way over budget and
>> seldom accomplish their original goal.
>
> Huge IT projects are in general risky.
>
> Migration projects are no exception.

And if it ain't broke, why fix it?

Dave Froble

unread,
Aug 7, 2021, 10:31:54 PMAug 7
to
On 8/7/2021 8:24 PM, Bill Gunshannon wrote:
> On 8/7/21 7:40 PM, Arne Vajhøj wrote:
>> On 8/7/2021 6:42 PM, Bill Gunshannon wrote:
>>> On 8/7/21 5:56 PM, Arne Vajhøj wrote:
>>>> On 8/7/2021 7:59 AM, Bill Gunshannon wrote:
>>>>> Go read some
>>>>> of the stuff on LinkedIn about "Legacy Systems". Not specifically
>>>>> about VMS but the attitude is even if it still does the job if it
>>>>> is old (ie. COBOL) it is bad and a problem.
>>>>
>>>> Being old is not a problem in itself.
>>>
>>> Being old is never a problem in itself. I'm old and regularly
>>> compete with people less than half my age, successfully.
>>>
>>>> It becomes a problem if:
>>>> - it is out of support
>>>
>>> Lack of support for one part of an IS should not be a reason to
>>> abandon it in its entirety.
>>
>> If that part cannot be replaced: yes it is.
>
> If your running a VAX then it might be a problem. But, believe it
> or not, most legacy systems are not running on old or non-existant
> hardware. VMS being the main exception. :-)

People are using VAX emulators that run quite a bit faster than any VAX.

>> And even if that part can be replaced then the question is at what
>> cost compared top the replacement. And it also raises the question
>> about whether other parts will go out of support soon.
>
> As has been stated here numerous times in the past, unless you are
> running custom hardware and doing things like device control this
> is not likely to be a problem. let's limit this to the kind of
> things VMS is actually used for in most cases.

What? Common sense in c.o.v? No, we can't have any of that.

Bob Eager

unread,
Aug 8, 2021, 1:55:52 AMAug 8
to
On Sat, 07 Aug 2021 23:26:24 +0000, Simon Clubley wrote:

> On 2021-08-07, Bob Eager <news...@eager.cx> wrote:
>>
>> But they haven't been available for some months for VAX, and there will
>> be no more.
>>
>>
> The final hobbyist VAX licences (and HPE Alpha VMS licences) expire at
> the end of this year. The final licences were given an extra year to
> run.

That's what I meant by 'there will be no more'.

Bill Gunshannon

unread,
Aug 8, 2021, 7:29:55 AMAug 8
to
On 8/7/21 10:17 PM, Dave Froble wrote:
> On 8/7/2021 7:35 PM, Simon Clubley wrote:
>> On 2021-08-07, Dave Froble <da...@tsoft-inc.com> wrote:
>>>
>>> It has occurred to me that VSI should have the opportunity to know who
>>> is using x86 VMS.  From the beginning, they implement some sort of
>>> reporting scheme.  For VMS to run, it has to check in with VSI.  There
>>> may be situations where such is not feasible, but, that can also be
>>> handled.
>>>
>>
>> SOD THAT !!!!!
>
> I didn't say it would be a good idea, it was just something I thought
> of.  Something like that would have been much harder (or impossible) in
> the 1970s and 1980s.  But today, the concept of always knowing who is
> running VMS might be interesting.
>
> Perhaps it would require all VSI employees to have a top secret clearance.
>
> :-)

Having a security clearance does not automatically grant you access
to classified information.

>
>> That raises all kinds of security and denial of service issues.
>
> Perhaps, and perhaps there would be solutions.

Yes, and one of those solutions would be to move off of VMS. :-)

>
>> People could be persuaded to allow this for a one-time licence
>> activation process but there's no way that many people are going
>> to allow that on an ongoing basis as part of the boot process and
>> then stop the boot if the check in with VSI fails.
>
> Maybe it would not stop booting and running?

If it doesn't do something what would be the point?

>
>> What happens if you have external communications down ?
>
> Phone call?  Oh, wait, phones are "communications".
>
>> What happens if VSI have system availability issues ?
>
> Phone call?

If all they have is 5 customers, that might work.

>
>> What happens if VSI goes bust ?
>
> Seems like we already got that ...
>
>
> Instead of complaining, why don't you think of possible solutions. Don't
> bring me problems, bring me solutions.
>

The two sides of this discussion have opposing needs and desires. A
satisfactory solution could be more difficult than you think.

bill

Arne Vajhøj

unread,
Aug 8, 2021, 10:26:47 AMAug 8
to
Nope.

A very large portion of home built PC's are gamer rigs
running Windows.

Arne

Arne Vajhøj

unread,
Aug 8, 2021, 10:37:57 AMAug 8
to
On 8/7/2021 8:24 PM, Bill Gunshannon wrote:
> On 8/7/21 7:40 PM, Arne Vajhøj wrote:
>> On 8/7/2021 6:42 PM, Bill Gunshannon wrote:
>>> On 8/7/21 5:56 PM, Arne Vajhøj wrote:
>>>> On 8/7/2021 7:59 AM, Bill Gunshannon wrote:
>>>>>                                                       Go read some
>>>>> of the stuff on LinkedIn about "Legacy Systems".  Not specifically
>>>>> about VMS but the attitude is even if it still does the job if it
>>>>> is old (ie. COBOL) it is bad and a problem.
>>>>
>>>> Being old is not a problem in itself.
>>>
>>> Being old is never a problem in itself.  I'm old and regularly
>>> compete with people less than half my age, successfully.
>>>
>>>> It becomes a problem if:
>>>> - it is out of support
>>>
>>> Lack of support for one part of an IS should not be a reason to
>>> abandon it in its entirety.
>>
>> If that part cannot be replaced: yes it is.
>
> If your running a VAX then it might be a problem.  But, believe it
> or not, most legacy systems are not running on old or non-existant
> hardware.  VMS being the main exception.  :-)

Things goes out of support all the time.

CPU architectures (ISA).

OS. Either completely or on specific CPU architecture.

Database servers, web servers, application servers,
message queue servers, cache servers etc.. Either completely
or on specific OS or on specific OS and CPU architecture
combination.

Libraries.

Shrinking OS are obviously harder hit than growing OS, but
it is far from a VMS specific problem.

>> And even if that part can be replaced then the question is at what
>> cost compared top the replacement. And it also raises the question
>> about whether other parts will go out of support soon.
>
> As has been stated here numerous times in the past, unless you are
> running custom hardware and doing things like device control this
> is not likely to be a problem.

Of course it is a problem.

Remember what happened when Oracle announced that they would
drop support for VMS in Oracle DB client library? Not only was it a
problem for those using Oracle DB, but it also worried those
using Oracle Rdb a bit.

>>>> - it is hard to find people with skills
>>>
>>> That is a fixable problem.
>>>
>>> https://edscoop.com/college-legacy-programming-langauges-grant-bill/
>>
>> That is a good proposal.
>>
>> But do you expect serious companies to base their future on that
>> such a bill get approved,
>
> I  have little doubt that it will be approved.  Financially it is a
> totally non-apparent bump in the budget.
>
>>                            that funding will continue in the future
>
> That will depend on whether or not academia decides to swallow their
> pride and get behind the idea.  I am doing what I can to try and help
> it, but for totally non-technical reasons it is going to be a hard sell.
>
>> and that students will be interested?
>
> I had students interested in legacy systems when I still worked at
> the University even with members of the faculty attacking much of
> what I was selling.

Bottom line: lots of hope but nothing sure.

Most businesses will prefer a technology where they know
they can get people over a technology where they hope
they can get people.

>>>> - it is expensive to maintain
>>>
>>> In the case of legacy systems expense is more objective than
>>> subjective.  A little research will show how the majority of
>>> these modernization projects usually run way over budget and
>>> seldom accomplish their original goal.
>>
>> Huge IT projects are in general risky.
>>
>> Migration projects are no exception.
>>
>
> Which is all the more reason to stay the course and clearly
> understand "modernization" before you start throwing terms
> around.  A COBOL IS running on a PDP-11 or TOPS system does
> not need a new language.  Re-writting it in Java or C# or
> even Python will get you nothing but a potential for new
> bugs, inefficiencies and business logic problems.

Not true.

It will get you on a supported platform where you can
easily get people with the skills.

Yes - a migration come with some risk.

Main risk mitigation factor is the skills of those
doing the migration.

Arne

Arne Vajhøj

unread,
Aug 8, 2021, 10:45:55 AMAug 8
to
On 8/7/2021 10:25 PM, Dave Froble wrote:
> On 8/7/2021 7:40 PM, Arne Vajhøj wrote:
>> On 8/7/2021 6:42 PM, Bill Gunshannon wrote:
>>> On 8/7/21 5:56 PM, Arne Vajhøj wrote:
>>>> It becomes a problem if:
>>>> - it is out of support
>>>
>>> Lack of support for one part of an IS should not be a reason to
>>> abandon it in its entirety.
>>
>> If that part cannot be replaced: yes it is.
>
> Anything can be replaced.  The required effort may or may not be excessive.

The effort of creating a CPU replacement or an OS replacement
or a database replacement will be excessive for sure.

>> And even if that part can be replaced then the question is at what
>> cost compared top the replacement. And it also raises the question
>> about whether other parts will go out of support soon.
>
> Vs the cost of doing a replacement?

The logic goes like:
- if it cost 1 M$ to replace A
- if it cost 2 M$ to migrate
- then just looking at A make migration a bad plan
- but if B, C, D and E are all going to go out of support within
the next 3 years and they will also cost 1 M$ a piece to replace
the the migration business case looks much better

>>>> - it is hard to find people with skills
>>>
>>> That is a fixable problem.
>>>
>>> https://edscoop.com/college-legacy-programming-langauges-grant-bill/
>>
>> That is a good proposal.
>>
>> But do you expect serious companies to base their future on that
>> such a bill get approved, that funding will continue in the future
>> and that students will be interested?
>
> Students are interested in getting jobs.
>
> Now, the damn educators who think they know everything, maybe they
> should not have jobs.

Business has to act according to how the world is not how
the world should be.

>>>> - it is expensive to maintain
>>>
>>> In the case of legacy systems expense is more objective than
>>> subjective.  A little research will show how the majority of
>>> these modernization projects usually run way over budget and
>>> seldom accomplish their original goal.
>>
>> Huge IT projects are in general risky.
>>
>> Migration projects are no exception.
>
> And if it ain't broke, why fix it?

If you have commitments from vendors that the HW and SW
will be supported for 10+ years and you get hundreds
of qualified applicants when you put up a job ad and
the users are happy with the cost and time to integrate with
other solutions, then there is no reason to fix anything.

But ...

Arne


VAXman-

unread,
Aug 8, 2021, 11:47:11 AMAug 8
to
In article <sekme9$96d$1...@dont-email.me>, Simon Clubley <clubley@remove_me.eisner.decus.org-Earth.UFP> writes:
>On 2021-08-06, Dave Froble <da...@tsoft-inc.com> wrote:
>> On 8/6/2021 8:41 PM, Simon Clubley wrote:
>>>
>>> Even _if_ that is the case Jim, this situation could provoke
>>> a strong response from VSI.
>>>
>>> For example, VSI are very clearly in a mindset that's all about
>>> collecting ongoing revenue from the users and making sure the
>>> users don't try "cheating".
>>
>> The first part of that is reasonable and how things must be if VSI and
>> VMS are going to be around for a while.
>>
>> The second part is unreasonable paranoia. Who and where are these
>> "cheaters"? I don't know of any. Does anyone? Most of us are just
>> happy that VSI is there to support us, and we understand they need
>> revenue to do so. Which is why I prefer they have recurring revenue
>> rather than one time license sales.
>>
>
>If VSI were not worried about such things, they would not be
>implementing time-limited licences on production machines.
>
>Whether they are actually _right_ to be worried about such things
>is a question I cannot answer.

LMF, the way it has been used by the keepers and caretakers of VMS, isn't
strong. However, when it was implemented, VMS engineering said it wasn't
intended to be a enforcement tool. There are fields in the LMF PAK that
can be employed to make PAK verification stronger. I routinely make use
of the hardware ID and token fields to strengthen enforcement. Perhaps,
before complaining about a VMS tool, you should learn a little bit more
about the tool.

--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG

I speak to machines with the voice of humanity.

VAXman-

unread,
Aug 8, 2021, 11:52:27 AMAug 8
to
In article <sen4f7$sfu$1...@dont-email.me>, Simon Clubley <clubley@remove_me.eisner.decus.org-Earth.UFP> writes:
>On 2021-08-07, Bob Eager <news...@eager.cx> wrote:
>>
>> I always thought that the primary purpose of LMF was a 'light touch' way
>> of making sure that compaies kept up with their licensing, even if the
>> company was a bit disorganised.
>>
>
>There is a major change between then and now.
>
>Back in those days hardware cost a _lot_ of money. If you had enough
>money to buy the hardware, you also had enough money to buy the
>software.
>
>These days hardware is cheap compared to the cost of the software.
>There is a much stronger motivation for some people to try and
>break the licencing so they can run the expensive software on
>cheap hardware.
>
>The old LMF is no longer suitable for purpose in this new world
>with its different dynamics and I would be absolutely amazed
>if VSI were not looking at making the licencing software much
>stronger as a result.

HOW is it no longer suitable? More WEENDOZE-like licensing? There
have been publications of a Micro$oft checksum sieve too. Is theirs
unsuitable as well?

Dave Froble

unread,
Aug 8, 2021, 1:56:17 PMAug 8
to
Quite often I wonder about people's motivations.

One thought is the benefits, and to whom, of suggesting changing of
applications and systems.

For a company, running computer systems is a cost, not a profit, in most
cases. So, spending more money to make a change may or may not be in
the company's best interest. Usually it is not.

However, looking at the employees, what is the benefit to them? More
work? Enhancing their resume?

Enhancing a resume does nothing for the current employer. It is
harmful, since the employees may be suggesting unneeded work, and costs,
and to quite likely leave the company when a better offer is obtained,
perhaps because of the enhanced resume.

I question the motivations ....

Arne Vajhøj

unread,
Aug 8, 2021, 2:09:10 PMAug 8
to
On 8/8/2021 1:56 PM, Dave Froble wrote:
> Quite often I wonder about people's motivations.
>
> One thought is the benefits, and to whom, of suggesting changing of
> applications and systems.
>
> For a company, running computer systems is a cost, not a profit, in most
> cases.  So, spending more money to make a change may or may not be in
> the company's best interest.  Usually it is not.
>
> However, looking at the employees, what is the benefit to them?  More
> work?  Enhancing their resume?
>
> Enhancing a resume does nothing for the current employer.  It is
> harmful, since the employees may be suggesting unneeded work, and costs,
> and to quite likely leave the company when a better offer is obtained,
> perhaps because of the enhanced resume.
>
> I question the motivations ....

Everybody is trying to maximize their own benefits.

Some employees may be looking to get something more widely used
on their resume for future career purposes and push for change.

Some employees may be push back on change because it may
change their status from expert in the old technology to beginner
in the new technology.

Vendors of the old technology (if such still exist) will
want to keep the customer.

Vendors of the new technology will want to get a new
customer.

Various consultants will want to make money making
recommendations.

Somebody in the company leadership will need to
analyze all the different input and decide what is
best for the company.

Arne

Arne Vajhøj

unread,
Aug 8, 2021, 4:42:26 PMAug 8
to
On 8/7/2021 8:24 PM, Bill Gunshannon wrote:
> On 8/7/21 7:40 PM, Arne Vajhøj wrote:
>> On 8/7/2021 6:42 PM, Bill Gunshannon wrote:
>>> On 8/7/21 5:56 PM, Arne Vajhøj wrote:
>>>> - it does not integrate with newer system that it need to
>>>>    integrate with
>>>
>>> With the exception of Dave's system (I actually know very little
>>> about VMS BASIC) I can think of no legacy system that can not be
>>> integrated into a modern system.  I have had no problems doing web
>>> programming with COBOL.
>>
>> Anything can be somewhat integrated using various hacks.
>
> I needed no hacks to get COBOL running on the web.  It's a mindset
> problem, not a technical one.

Literally nay programming language can be used to write
a CGI script.

But there is a very long way from the 1995 CGI scripts
to modern web solutions.

Did you Cobol web app support:
- session sharing across cluster
- OAuth integration
- LDAP integraion
- verification of client certificate
- Redis or memcached for cache
- exposing status / load info to load balancer
- reporting stats and health check to IBM Tivoli / CA Unicenter / Zabbix
- reporting to Prometheus
- HTTP/2 push
- web sockets
- switching to in-cloud managed service for database
- having accept request header determine response format
?

Arne


Jan-Erik Söderholm

unread,
Aug 8, 2021, 4:52:27 PMAug 8
to
Are we/you talkning about an application that runs "on the web"
without any other help from a normal web server?

In the OpenVMS case, most of your points above would be handled
by WASD (just as I know that one best) and the Cobol code just
do the business logic. Maybe a small C-jacket to handle the
CGI API against WASD also. But there is nothing stopping some
Cobol code to be the main business logic in an web solution.

Today, and particular on an real environment such as OpenVMS
(not some embedded thing), I do not see why one would put all
the functionallity, that already has been developed and debugged
by a tool such as WASD, into your own application.


Bill Gunshannon

unread,
Aug 8, 2021, 7:07:58 PMAug 8
to
On 8/7/21 10:25 PM, Dave Froble wrote:
> On 8/7/2021 7:40 PM, Arne Vajhøj wrote:
>> On 8/7/2021 6:42 PM, Bill Gunshannon wrote:
>>> On 8/7/21 5:56 PM, Arne Vajhøj wrote:
>>>> On 8/7/2021 7:59 AM, Bill Gunshannon wrote:
>>>>>                                                       Go read some
>>>>> of the stuff on LinkedIn about "Legacy Systems".  Not specifically
>>>>> about VMS but the attitude is even if it still does the job if it
>>>>> is old (ie. COBOL) it is bad and a problem.
>>>>
>>>> Being old is not a problem in itself.
>>>
>>> Being old is never a problem in itself.  I'm old and regularly
>>> compete with people less than half my age, successfully.
>
> Wrestling?
>
> :-)

CrossFit

>
>>>> It becomes a problem if:
>>>> - it is out of support
>>>
>>> Lack of support for one part of an IS should not be a reason to
>>> abandon it in its entirety.
>>
>> If that part cannot be replaced: yes it is.
>
> Anything can be replaced.  The required effort may or may not be excessive.
>
>> And even if that part can be replaced then the question is at what
>> cost compared top the replacement. And it also raises the question
>> about whether other parts will go out of support soon.
>
> Vs the cost of doing a replacement?
>
>>>> - it is hard to find people with skills
>>>
>>> That is a fixable problem.
>>>
>>> https://edscoop.com/college-legacy-programming-langauges-grant-bill/
>>
>> That is a good proposal.
>>
>> But do you expect serious companies to base their future on that
>> such a bill get approved, that funding will continue in the future
>> and that students will be interested?
>
> Students are interested in getting jobs.

Well, not all of them. Take Philosophy Majors for instance. :-)

But when I was still working students were in fact interested.
It was the faculty who were not. Their interest is in driving
the bus, not getting the passengers to where they need to be.

>
> Now, the damn educators who think they know everything, maybe they
> should not have jobs.

I have always thought the worst professors were those who had
never been anything but students and professors. Professors
who had held real jobs in their field always seemed better to
me.

>
>>>> - it does not integrate with newer system that it need to
>>>>    integrate with
>>>
>>> With the exception of Dave's system (I actually know very little
>>> about VMS BASIC) I can think of no legacy system that can not be
>>> integrated into a modern system.  I have had no problems doing web
>>> programming with COBOL.
>
> Basic is no different than any other language.

Not exactly true. While modern BASIC has c ome a long way it
will never escape its roots which were not in the IT Production
world. Like Pascal it was intended to teach concepts and,
believe it or not, one of those concepts was not programming
per se.

>
>> Anything can be somewhat integrated using various hacks.
>>
>> But good integration will often be either impossible or
>> expensive.
>
> BULLSHIT !!!!

I agree with this.

>
>>>> - it is expensive to maintain
>>>
>>> In the case of legacy systems expense is more objective than
>>> subjective.  A little research will show how the majority of
>>> these modernization projects usually run way over budget and
>>> seldom accomplish their original goal.
>>
>> Huge IT projects are in general risky.
>>
>> Migration projects are no exception.
>
> And if it ain't broke, why fix it?

Or, to be closer to the concept of IT modernization, if only one
part is broken, fix that part but don't re-write the whole thing
in a different language becuase a period was missing.

bill


Bill Gunshannon

unread,
Aug 8, 2021, 7:21:22 PMAug 8
to
On 8/8/21 10:45 AM, Arne Vajhøj wrote:
> On 8/7/2021 10:25 PM, Dave Froble wrote:
>> On 8/7/2021 7:40 PM, Arne Vajhøj wrote:
>>> On 8/7/2021 6:42 PM, Bill Gunshannon wrote:
>>>> On 8/7/21 5:56 PM, Arne Vajhøj wrote:
>>>>> It becomes a problem if:
>>>>> - it is out of support
>>>>
>>>> Lack of support for one part of an IS should not be a reason to
>>>> abandon it in its entirety.
>>>
>>> If that part cannot be replaced: yes it is.
>>
>> Anything can be replaced.  The required effort may or may not be
>> excessive.
>
> The effort of creating a CPU replacement or an OS replacement
> or a database replacement will be excessive for sure.

They already exist. Again, using VAX as an example, the CPU, in
fact, the entire system is replaceable with SIMH or something
similar. OS? How many real world IT systems are so integrated
with the OS that another can't provide the services necessary to
accomplish the same task. (I am not talking about features some
users like, I am talking about accomplishing the requirements of
an IS. And, databases are a dime a dozen today. Most newer
databases can deliver everything the older ones can and much more.
And, usually, at a higher rate of efficiency.

>
>>> And even if that part can be replaced then the question is at what
>>> cost compared top the replacement. And it also raises the question
>>> about whether other parts will go out of support soon.
>>
>> Vs the cost of doing a replacement?
>
> The logic goes like:
> - if it cost 1 M$ to replace A
> - if it cost 2 M$ to migrate
> - then just looking at A make migration a bad  plan
> - but if B, C, D and E are all going to go out of support within
>   the next 3 years and they will also cost 1 M$ a piece to replace
>   the the migration business case looks much better
>

There is a lot more to costing such a migration than this simple
example. But migration can still be the better of the choices
especially if it is limited to what really needs to be done to
migrate and not blanket replacement of everything with something
else.

>>>>> - it is hard to find people with skills
>>>>
>>>> That is a fixable problem.
>>>>
>>>> https://edscoop.com/college-legacy-programming-langauges-grant-bill/
>>>
>>> That is a good proposal.
>>>
>>> But do you expect serious companies to base their future on that
>>> such a bill get approved, that funding will continue in the future
>>> and that students will be interested?
>>
>> Students are interested in getting jobs.
>>
>> Now, the damn educators who think they know everything, maybe they
>> should not have jobs.
>
> Business has to act according to how the world is not how
> the world should be.

Or, they can contribute to fixing things if it is in their best
interest. GDIT has the contract for the DOD EMR System. It is
at least hundreds of thousands of lines (maybe over a million,
I haven't actually seen it) of COBOL running in an IBM environment.
They have offered internships to college students for years. I
expect that a number of the people now maintaining the system
started as interns. The Bill mentioned above is just another
way to spur this movement on in spite of academia's attempts to
prevent it.

>
>>>>> - it is expensive to maintain
>>>>
>>>> In the case of legacy systems expense is more objective than
>>>> subjective.  A little research will show how the majority of
>>>> these modernization projects usually run way over budget and
>>>> seldom accomplish their original goal.
>>>
>>> Huge IT projects are in general risky.
>>>
>>> Migration projects are no exception.
>>
>> And if it ain't broke, why fix it?
>
> If you have commitments from vendors that the HW and SW
> will be supported for 10+ years and you get hundreds
> of qualified applicants when you put up a job ad and
> the users are happy with the cost and time to integrate with
> other solutions, then there is no reason to fix anything.
>
> But ...
>

Lack of currently qualified programmers should never be justification
for re-writing a program in a different language. The real problem
is just too easy to solve.

bill

Bill Gunshannon

unread,
Aug 8, 2021, 7:41:17 PMAug 8
to
But, replacements are available for all of the things you
mentioned above. Unless it's more about religion than getting
the job done.

>
>>> And even if that part can be replaced then the question is at what
>>> cost compared top the replacement. And it also raises the question
>>> about whether other parts will go out of support soon.
>>
>> As has been stated here numerous times in the past, unless you are
>> running custom hardware and doing things like device control this
>> is not likely to be a problem.
>
> Of course it is a problem.
>
> Remember what happened when Oracle announced that they would
> drop support for VMS in Oracle DB client library? Not only was it a
> problem for those using Oracle DB, but it also worried those
> using Oracle Rdb a bit.

See comment above.

>
>>>>> - it is hard to find people with skills
>>>>
>>>> That is a fixable problem.
>>>>
>>>> https://edscoop.com/college-legacy-programming-langauges-grant-bill/
>>>
>>> That is a good proposal.
>>>
>>> But do you expect serious companies to base their future on that
>>> such a bill get approved,
>>
>> I  have little doubt that it will be approved.  Financially it is a
>> totally non-apparent bump in the budget.
>>
>>>                            that funding will continue in the future
>>
>> That will depend on whether or not academia decides to swallow their
>> pride and get behind the idea.  I am doing what I can to try and help
>> it, but for totally non-technical reasons it is going to be a hard sell.
>>
>>> and that students will be interested?
>>
>> I had students interested in legacy systems when I still worked at
>> the University even with members of the faculty attacking much of
>> what I was selling.
>
> Bottom line: lots of hope but nothing sure.

The one thing that is sure is what Cartwright said, if we do nothing
the problem will get worse. Using only one facet, COBOL, I have seen
the number of jobs looking for COBOL programmers go up by orders of
magnitude over the last year or so. It was a problem before but I
think some of the side effects of the pandemic have exacerbated it
resulting in a recent major change.

>
> Most businesses will prefer a technology where they know
> they can get people over a technology where they hope
> they can get people.

Funny, none of this has eaten into IBM's business at all, at least as
far as I have seen. And when you see the word "legacy" in the mentioned
article, they mostly mean IBM. Sadly, VMS isn't even oin the radar.

>
>>>>> - it is expensive to maintain
>>>>
>>>> In the case of legacy systems expense is more objective than
>>>> subjective.  A little research will show how the majority of
>>>> these modernization projects usually run way over budget and
>>>> seldom accomplish their original goal.
>>>
>>> Huge IT projects are in general risky.
>>>
>>> Migration projects are no exception.
>>>
>>
>> Which is all the more reason to stay the course and clearly
>> understand "modernization" before you start throwing terms
>> around.  A COBOL IS running on a PDP-11 or TOPS system does
>> not need a new language.  Re-writting it in Java or C# or
>> even Python will get you nothing but a potential for new
>> bugs, inefficiencies and business logic problems.
>
> Not true.
>
> It will get you on a supported platform where you can
> easily  get people with the skills.

It will also get you a program that was originally written with
a language designed to do the job replaced by a general purpose
language not designed to do any particular task.

>
> Yes - a migration come with some risk.
>
> Main risk mitigation factor is the skills of those
> doing the migration.

Skills can be acquired. Most of the languages used for these legacy
ISes are much less complicated than modern languages. Complication
was added by academia to show how brilliant they were. It brings
nothing to the table as far as getting the job done.

bill


Bill Gunshannon

unread,
Aug 8, 2021, 7:50:48 PMAug 8
to
No, but then, neither did the PHP program I was replacing. :-)

bill

Simon Clubley

unread,
Aug 8, 2021, 8:47:12 PMAug 8