We’ve got the band back together and we’re ready to rock!

soul of a new machine

Tom West needs a team to build the new Eagle computer. He sees a video by Seymour Cray who hires inexperienced developers because they don’t know what’s impossible. West decides to copy this approach. He hires lots of new college graduates, promising them they’ll get to work on a real project, something exciting. They like the possibility of flexible hours. “Yet it is a fact, not entirely lost on management consultants, that some people would rather work twelve hours a day of their own choosing than eight that are prescribed.” They want their new employees to be all on. One candidate listed “family life” as an interest. He was not hired. Everyone is expected to “sign up”, volunteer to put in the work, no matter how much, to get the project finished. “Talk about Tom Sawyer’s fence.” “We tell him that we only let in the best. Then we let him in.”

For an architect, though, West needs the best. Only Steve Wallach will do. He doesn’t want to work on the project, considering it a hack, tied down by legacy compat with the Eclipse. But West can offer him something he wants, the chance to ship. Wallach has designed five computers so far in his career, but none ever shipped. All he wants his is to ship something.

Computer security is becoming a thing, notably MULTICS. “But many experts believed that no system of protection yet devised could withstand the efforts of smart pranksters or thieves bent on foiling it.” Rings are commonly used for protection. The VAX has both memory management and protection support, but Wallach sees a shortcut. Reuse segment number for ring number, using the top 3 bits of address, for eight rings and segments. This sounds a bit weird to me, I wonder how it’ll play out.

The VAX has a “wonderful instruction set” because it is only spiritually compatible with PDP line, but not bit for bit. The Eagle however will be fully compatible, meaning only new instructions will be state of the art, and old instructions will be stuck as they are. And top management doesn’t want them innovating too much, shooting down ideas that compete too much with FHP. Wallach designs new instructions, then has a accomplice in the Systems Software group write a memo explaining how it would help their work to have such an instruction, and now Wallach has his backdoor justification to add it to his spec. Finally, the spec comes to be about 200 pages long and his decorated with epigraphs from famous authors that Wallach researched at the library. “Wallach actually spent far more time looking up epigraphs than it took him to discover the right way to manage and protect the computer’s memory.”

Carl Alsing flunked out of school, spending too much time “midnight programming”. But now he’s at Data General, and he’s the microcode programmer. Microcode allows a computer to include instructions that it doesn’t actually have circuitry for, based on the specific instructions it does have. “Microcode is, in this sense, like early Old English, in which there was no work for fighting and a poet who wishes to convey the idea of battle had to describe one.” Alsing wrote all the microcode for the Eclipse in two weeks at the library. Took all the books, wrote it all down on paper. He would prefer not to write code for Eagle, though, and so he becomes more a wingman for West. He hangs out and jokes with the new engineers, although, foreshadowing, trouble is coming.

showstopper

As soon as Cutler moved to Microsoft, his team from Digital followed him. When they arrived at Microsoft, however, they were supposed to sign a noncompete. Which they refused. Had they done so at DEC, they wouldn’t be allowed at Microsoft after all. Stalemate. Finally, Cutler intervenes, and the noncompete is removed from the employment contract. Cutler’s team is very from Microsofties in other ways. They’re older, professional, mature. They call their new employer (or its existing code, unclear) Microslop. Cutler’s boss is to the the “warm and jocular” Steve Ballmer.

Rob Short is going to be in charge of hardware. Steven Wood is assigned to the NT team from Microsoft. He’s worked on Windows, and now OS/2, though he doesn’t like it. He’s considered a good candidate to work with the new team. If he can’t integrate with them, nobody can.

There are three goals for NT. Portability, running on more than one CPU architecture. Reliability, a crash in an application cannot crash the system. Personality, it should be able to host more than one interface.

The problem with portable code is it’s big and slow, unlike assembly written for a specific platform. Gates is very worried that NT will consume too much memory. NT will become reliable by separating the kernel from everything else. Gates is worried this will be too slow, although Cutler promises he can make it fast.

“Even after this debate, Gates still had doubts about NT’s basic design. He knew better than Cutler how much customers cared about the speed of their programs. They would judge NT against DOS and OS/2, assembly-language programs designed for high performance. To be sure, microchips would be so fast someday that they would offset NT’s sluggishness. But five or even ten years might pass before blazing-fast chips were so cheap that software sizzled no matter what. He worried that critics might crucify NT on a cross of speed.”

“Cutler and his team rejected Hungarian (notation).” Cutler also loves comments, although Wood does not, since every change requires twice as many edits.

Daryl Rubin is in charge of the networking group at Microsoft, trying to match Novell’s Netware product with an OS/2 addon called LanMan. Cutler thinks people will pick systems that offer reliable and secure networking. Rubin thinks customers only care about speed. Cutler doesn’t want Rubin near NT’s networking code.

NT started development on the i860, Intel’s hedge against RISC, although they don’t seem interested in making a chip that’s too good. They’re holding NT back. The chips aren’t reliable enough, so they’re forced to use slow emulation. In addition, there’s very little software tooling available. The debugger has as many faults as the code they’re debugging. Other issues as well. When the size of NT exceeds one floppy, they need a hard disk driver. Cutler writes it, but it doesn’t work. Change hard drives, change cables. No success. People mock Cutler’s buggy code. Finally, Short has an epiphany. “The manual held a disturbing clue. Short had forgotten to install a minor piece of circuitry. Cutler’s code had been right all along.” This sounds like it could be a SCSI terminator problem?

The NT schedule comes out one year after Cutler was hired. It’s pretty slim. Won’t run OS/2 or DOS applications, will require new drivers for hardware. They have 18 months to get to final release.

Jan. 30, 1990 -  “Minimal NT up and running.”
July 30, 1990 -  “Code complete”
Oct. 30, 1990 - Version for applications writers
March 30, 1991 - “Golden Master”

There’s quite a lot of work to do. And some of the very important work will be outside Cutler’s group. There needs to be a 386 port, which Gates can’t imagine not having, but Cutler doesn’t care about at all. Cutler insists that main development not use the 386 to avoid the temptation to use 386 assembly when convenient. Networking, which is a struggle with Rubin’s group. And graphics, which Cutler has ignored. VMS was entirely text based. And the decision has been made to find a better RISC chip.

Chuck Whitmer has been working on graphics projects. Paul Maritz was previously manager of Microsoft’s small unix group, but gets promoted to oversee OS/2, and in theory, NT. He thinks NT is a poorly coordinated tech demo, and the missing pieces need to be brought together. But Cutler doesn’t want the responsibility. “Besides, he felt his own team, now consisting of about twenty-five people, was already large. The thought of an even larger team upset him.” That number, which I think includes testers, doesn’t even seem that large today. Cutler, btw, does not like testers. “Cutler actually thought testers were worse than that. Their mere presence, he felt, fostered the dangerous illusion that someone could save a programmer from his sins. Cutler wanted a programmer to test his own code.”

“There was a tacit understanding at Microsoft that after someone contributed substantially to the company he deserved to be carried for a time - maybe as long as year - until he regained his zeal.”

In Spring of 1990, we are far behind schedule. It’s going to be hard to finish coding by end of the year, not July. In May, Gates is still very concerned that NT is too large and too slow. Program managers are starting to push for expanding the scope of NT as well.

dealers of lightning

At Berkeley, the Genie project is adding timesharing to the SDS 930. This includes Butler Lampson and Peter Deutsch. The Genie project eventually turned into Berkeley Computer Corporation, BCC, and an effort to build a parallel supercomputer. Alas, it was a classic case of second system syndrome. Everything the Genie lacked was being added back in. Chuck Thacker was the hardware guy. “The processors all had to be physically connected to each other and also to the memory, which required a couple miles of cable snaking among the eight six-foot-tall cabinets full of equipment, and then out to peripherals such as teletypes and line printers.” That’s a lot of cable. Thacker, of course, knew the project scope was growing too large. Or as Charles Simonyi, recent Hungarian immigrant, put it, “He had this word for what was happening. He called it ‘biggerism.’ I heard this word from him and my English was not that good and I always thought it sounded slightly obscene, because he’d say, you know, ‘This project has been biggered.’” They quickly run short on funding, but along comes Taylor. An early effort to purchase BCC entirely failed, and instead a handful of top engineers were hired individually by PARC.

Taylor has one more hire to make. Alan Kay is another visionary, who has been dreaming about personal interactive computing while others think he’s crazy. Also, like Taylor, he isn’t focused on the technology as means unto itself, but rather as a tool. “This notion of technology as a means to an end still distinguishes Kay from most other practitioners of the art and science of technology. One factor in his powerful kinship with Bob Taylor was their shared curiosity about what this machine could be made to do, more than how. Notwithstanding his incessant harangues, most of the inspired engineers Taylor recruited to CSL, the Lampsons and Thackers, started out too blindly focused on the issue of what was within their power to actually build. They would ask: What is the next stop on the road? Kay turned the question inside out: Let’s figure out where we want to go, and that will show us how to get there. He never lost sight of the computer’s appropriate station in the world: to conform to the user’s desires, not the other way around.”

The PARC team needs a computer. Only one model will do, the PDP-10. This is a problem because Xerox, via SDS subsidiary, is now a direct competitor to DEC. You can’t be furnishing your own research lab with your competitor’s equipment. But half the ARPANET runs on PDPs, and PARC wants to be a premiere ARPANET node. Xerox’s CIO, Paul Strassman, however believes it is his job to replace all of Xerox’s IBM machines with SDS machines, to prove how serious Xerox is, they will even challenge IBM. (He previously worked at Kraft Foods where he replaced all the IBM 360 systems with Honeywell systems, for which IBM tried to have him fired, unsuccessfully. Never fired for buying IBM, but apparently at least some people could for buying something else. By IBM, no less. Anyway, I wonder how those Honeywell systems are doing today...) So he demands a list of reasons why the SDS Sigma 7 was inadequate. He receives a reply that focuses on software that runs on the PDP, but he expected a list of differentiating hardware features, and thinks he’s been ignored. In his mind, two machines with equal hardware features sets are completely equal. Software is a minor detail. Thus setting off years of miscommunication and distrust between Xerox head office and PARC.

However, not being able to purchase a PDP didn’t mean the PARC team couldn’t build one. So they did. Taylor reminded them that this was not a demo, however, and they’d eventually need to use it for real work, so no cutting corners. That didn’t mean no shortcuts entirely, however. The PDP-10 was a quite large machine with lots of hardwired functionality. The PARC team decided they could make a simpler machine by microcoding much of the complex operations. And even improve it. The PDP-10 floating point operations were buggy and imprecise, because it’s very difficult to get such things correct. The PARC microcode worked even better than the original, but then they discovered it couldn’t run Interlisp. The explanation given is rather vague, but apparently couldn’t be fixed in software, so they reverted to the original PDP behavior. “One of the classic frustrations of systems design is that fixing a bug in one place often creates others elsewhere, the way squeezing a balloon at one end makes it bulge out at the other.”

They also decided to forgo core memory, very bulky and expensive, and use Intel’s new 1103 memory chips, which was also problematic. “Such flaws made the 1103 a spectacularly stubborn and perverse contrivance. Its patriarch, Gordon Moore, termed it “the most difficult-to-use semiconductor ever created by man.” It was also hard to manufacture. Intel had so much difficulty turning out an economical volume of working chips that it had to assign entire teams of engineers and technicians to the drudgery of picking good chips out from the river of useless silicon coming off the fabrication line, a job so fervently detested it was labeled “turd polishing.”” One of these problems was certain access patterns would cause nearby bits to flip. Rowhammer has been with us all along.

Although building their own computer set them back about a year from doing new research, it really brought the team together. Many of the had worked together at BCC, but others had not. It gave everybody an opportunity to test themselves and see how they worked.

troublemakers

Sandra Kurtzig works at Bell Labs, although she works for General Electric. “Kurtzig’s job was to convince the Bell Labs researchers that the unimpressive-looking time-sharing terminals - they resembled overgrown beige typewriters - were useful tools. Every minute that she could convince the scientists to spend on the time-sharing system meant more money for General Electric.” The original cloud services developer advocate. But she’s too good at her job, and she’s cannibalizing sales of GE’s bigger mainframe business, so she gets transferred to a another region, with smaller manufacturing industries and factories.

“Silicon Valley USA”, the first use of the term in print, was published in 1971. I can’t find a complete copy online, however. In 1972, HP introduced the HP-35, the first handheld calculator that could do more than basic arithmetic.

Kurtzig has moved back to California (cheaper than New Jersey), and starts her own business writing software. “For a $65 monthly fee, she rented one of the overgrown-typewriter-looking time-sharing terminals from General Electric. She composed her program using the terminal, which sent it via a modem over the phone lines to an off-site GE computer. The data moved at fifteen characters per second.” She writes inventory control software, similar to what she’d been selling in New Jersey. Tymshare asks for a generic version that they can add to their catalog. (Tymshare had recently gone public. Their lawyer was 29 year old Larry Sonsini.) She names the program MAMA, for Manufacturing Management, but is told men won’t buy it. So she renames it to MANMAN. “After all, she reasoned, it often took two men to do the work of one mom.” It’s successful enough that HP, currently ranked third in the minicomputer market behind Digital and Data General, asks for a port.

Bob Taylor is headed to PARC. We’ve mostly covered this. He brings in lots of people. Taylor’s job was to provide everyone with what they needed. Like custom phones with the features each researcher wanted. “Customized phones may seem trivial, but they are an example of a feeling that Taylor created at PARC - the sense that he was working for the researchers, rather than the other way around.” “He mediated disputes between researchers, insisting again and again that each person needed to be able to explain his antagonist’s point of view to that person’s satisfaction, even if he did not agree with it.”

Al Acorn gets a demo of Computer Space. “Bushnell and Dabney had tweaked the dedicated logic circuits within the wiring of the television so that they could produce the same effects as the time-sharing computer in the original Spacewar! game. “A very, very clever trick,” Alcorn called it. Without a computer, without software, without a frame buffer, a microprocessor, or even memory chips beyond a few flip-flops, Bushnell and Dabney had made a dot appear and move on the screen.” And so he’s off to Atari.

He builds Pong to Bushnell’s exacting specifications, apparently under contract to General Electric. But the contract was a fabrication, it was really just an exercise to get Acorn used to building games. And the specifications were actually a clone of a game produced by Magnavox. They take the demo unit to a bar to see how it does. It breaks because the coinbox overflows. Soon they produce more machines, and they are very successful. If fragile in the hands of a pinball machine owner. “If a Pong machine was not loud enough or the screen not bright enough, the bar owners would open the back and start looking for something to adjust. More often than not, they settled on an appealingly accesible dial - and began turning, not realizing it was the game’s external power supply. Every prototype came back to Atari with the power blown.” But it wasn’t all smooth sailing. “Pong was born into an industry already censured, or even banned, by polite society. The game was classed with pinball machines, and in 1972, pinball was still illegal in New York and had only been recently legalized in Chicago.”

“Dabney left Atari that month (March 1973). He says he quit. Bushnell says he was fired. Either way, once the severance paperwork was signed, Dabney disappeared from Atari history. Until recently, almost every interview and article about the company identified Bushnell as Atari’s sole founder.”

Atari’s fortunes soon turn. Clones arrive. Atari is losing money. In the midst of this, change in management leads Alcorn to take a sabbatical. But Bushnell replaces new management again, and Alcorn comes back to build something new. Pong for the home, a single chip version of the game. Now what? Don Valentine (who would spin the Sequoia fund out from Capital Group into its own firm) suggests Sears. They put it in the sporting goods section, not the toys section, so adults buy it too.

zeroday

The US and Iran have a difference of opinion about nuclear technology and uranium enrichment. There’s a long chapter on the history of international relations and policy here.

Symantec usually looks at multiple malware samples per day, quickly reviewing them before moving on. How much time should they spend on stuxnet? It’s really complicated, which means it’s going to take a lot of time. But because it’s complicated, that means it’s something special.

Stuxnet would only run a system with certain Siemens Step 7 software installed. This is a hurdle, since the Symantec team doesn’t have it. They have to use a debugger to step over those checks and get into the heart of the payload. Stuxnet was also nicely behaved, cleaning up after itself and using only minimal resources. If it were too heavyweight, somebody might look into why their computer was running slower. If only more developers were so fastidious. However, the obfuscation doesn’t seem that advanced. Better techniques had been developed and used by other malware. But that’s an odd match with the sophistication of the zero day exploit used. One explanation is that stuxnet has been assembled from the work of more than one team, some more talented than others.

Back to Iran. Nuclear weapons require enriched uranium, which requires lots of centrifuges, which tend to be finicky devices.

Symantec gets an email that maybe there’s another zero day in stuxnet. They’ve been focused on the payload, not the missile, but now they go back for another look. After several more hours reversing, O’Murchu thinks he’s found it in a keyboard file. Then he finds another exploit for the print spooler. Working with Chien, they find a third, bringing the total to four zero days. Who uses four zero days in a single attack?

They report their findings to Microsoft, but they’ve been beaten by Kaspersky, who already found and reported them several weeks ago. Responsible disclosure means there’s no public announcement, you have to find them yourself.

Looking deeper, however, these may not be zero days. The .LNK exploit had been used in November 2008 to install a trojan. Although the trojan was in AV samples, nobody noticed the exploit. The print spooler exploit had been disclosed in a Polish security magazine in April 2009, complete with source code. A hard coded Siemens password had been posted to their own forums in April 2008.

Comparing the 2009 and 2010 versions of stuxnet, more exploits were added, and it was made to spread much more aggressively.

thoughts

A lot of work putting a good team together. There’s the Data General approach, hire young kids, then convince them it will be fun to work hard. The Cutler approach, accumulate good people over a number of years, then launch them at a new project. The PARC approach, make connections over a number of years, then bring everybody together all at once. Both Eagle and NT projects seem to favor the good cop bad cop approach to leadership as well.

I had no idea of the Alan Kay and Tron connection. Dealers of Lightning credits his wife, Bonnie MacBird, for modeling the characters in her screenplay after Kay, although Wikipedia tells the story differently.

The story of SDS seems like one of near misses and lost opportunities. Their SDS 930 model was reasonably popular among scientists. They essentially get the golden ticket when Taylor picked them for base of the Genie project. No ARPANET without ARPA nodes, right? But SDS foolishly rejects and then only reluctantly builds the timesharing SDS 940 model. Only a few years later, most of the ARPANET is running on PDPs. They had a chance there to be the internet platform for a while. After the Xerox acquisition, some product managers, assessing how they will compete against IBM in the market, ask about the COBOL compiler. There is none. Scientists didn’t like lowly COBOL, so SDS never invested in it. And by this time, it’s all a little too late. If SDS had kept a few more doors open, they may not have been written off as a $484 million loss in 1975.

IBM was a big deal. As a group, the Bunch (Burroughs, Univac, NCR, Control Data, Honeywell) lost $167 million between 1960 to 1970. IBM’s profits during this time were $3.5 billion.

Biggerism is your naughty word of the day.