Planet i

Read the original at DB2 for i.

This week, we are in Anaheim for the gathering of the clans otherwise known as COMMON. In fact it is now the last session of...

Read the original at iDevelop.

Recently I saw some old BS about how secure IBM i based systems are and I just have to respond.  First of all with all due credit to the OS system developers at IBM, IBM i is by far one of the most secure operating systems there is with minimal exposure to the types of hacking found in the LINUX, UNIX, or Windows world where access is gained by exploiting vulnerabilities in the OS.

Today, the statement that IBM i is completely secure and cannot be hacked is pure unadulterated BS!  It can be hacked much easier than most folks could ever imagine.  Every since IBM introduced support for pointer manipulation in RPG and other ILE languages, they opened the OS to hackers.  It is still very difficult and not worth exploiting.

BUT ... why would a hacker bother with the OS when huge numbers of IBM i based shops leave the front door to their systems wide open over the Internet? 

There many exposures ranging from failure to change the password on key system profiles so a hacker can just login as QSECOFR or other powerful profile.  A little more difficult but not much is the ability to run SQL INJECTION attacks on thousands of web pages that your developers probably don't even know are exposed.

I recently did a Google search on "IBM i hacked" and got 3.7 million results.  The old BS that the IBM i has never been hacked is pure myth.  I personally know of several including a major bank, a major automobile manufacturing company, and several retail operations. 

If my word isn't good enough them Visit Help Systems web site (they now own PowerTech one of the largest IBM i security companies) and get their "State of IBM i Security - 2012" and read it for yourself. 

The study reveals that:

• 81% of systems unknowingly compromise their library security
• 66% of systems don’t monitor network access to their data
• 74% of systems give users too much power.

In other words most IBM i shops are extremely vulnerable to security penetration, hacking, and loss of confidential customer information.  All the time your IT Staff in blissful ignorance will tell you everything is wonderful and your system is hack proof.

They may even quote an incorrect statement that IBM at one time offered a Million Dollar reward for anyone who could hack an iSeries system (it was called iSeries at the time).  IBM had to back off in a big way as studies quickly revealed that IBM i can indeed be hacked and even worse, most users, IT managers, and other IBM i practitioners didn't know how to provide basic protection form hackers.

There is no magic in hacking an IBM i system, you just drive through the front gates and take what you want.  The door is usually open and there is usually a big welcome mat!

Read the original at Bob Cancilla on IBM i.

Besides using it for developer information, IBM i pros should now get a Developerworks account for getting information about the latest i 7.1 Tech Refreshes and for PTF information, particularly for Group PTF info to see what features are being … Continue reading →

Read the original at Hertvik Business Services - Joe's Blog.

This week is the COMMON 2012 Annual Meeting and Exposition in Anaheim, CA. It's been a busy week of giving presentations, talking with clients during...

Read the original at i Can.

From various COMMON sessions that discuss Power VM and LPM and from some talks with IBM on the COMMON Expo floor, I pieced together the following info. IBM please feel free to suggest changes if I have anything wrong. Here’s … Continue reading →

Read the original at Hertvik Business Services - Joe's Blog.

In an IBM COMMON session on Power VM, IBM gave a live demonstration of moving a running IBM i partition from one box to another using the new Live Partition Mobility and the HMC. Here’s how it went down. The … Continue reading →

Read the original at Hertvik Business Services - Joe's Blog.

At COMMON today, I told someone the gory story of how in the past six months, I’ve had three occasions where two of the six IBM i partitions I manage have needed emergency IPLs to restart their systems. My audience’s response … Continue reading →

Read the original at Hertvik Business Services - Joe's Blog.

In between looksoftware’s annual user conference and the start of this year’s COMMON at Disney Land in Anaheim, California, was an unusual event: the iBelieve revival meeting for IBM i evangelisation. Dan Burger from IT Jungle was there and reported on the … Continue reading →

Read the original at Hertvik Business Services - Joe's Blog.

It's hard to sum up a conference that's not over yet.  Just know that I'm not.  I'm actually just giving a quick recap of my last few days.

I'm the newest member of the Common Americas Advisory Council (CAAC).  We met for two days of meetings this past Friday and Saturday before the Common User Group annual meeting and expo in Ahaheim, CA.

I arrived in Anaheim after about twelve hours of travelling from Nova Scotia.  Air Canada, you're not Westjet in terms of in-flight service, but you got me there with only one stopover in Montreal.  While I love Montreal I only had 45 minutes to change planes.  I had to sweet talk my way to the front of the line in both security and US customs and sprint hard to the gate (with belt, passport, Blackberry and wallet in hand) in order to make my connecting flight to Los Angeles International airport. 

While I can't talk about the specifics of our CAAC discussions, I can tell you that we are working very hard to represent the requests of the IBM community to our many partners within IBM.  As Common President Pete Massiello said in the opening session this afternoon, 62% of CAAC requirements have been delivered by IBM within IBM i releases 6.1 and 7.1.  I will stress that parts of the other 38% can still be put out in technology refreshes or future version releases.  The point is, the CAAC is working with IBM to ensure community needs are being addressed and IBM is doing a darn good job of addressing those needs.

From my brief time on the CAAC I can say it's a very effective relationship.  I can't wait to contribute more.

After our CAAC discussions, my time at Common was limited to the Sunday sessions as I had to fly back Monday morning.  As I've mentioned to many people, my company's IT department is very much in a support mode right now so even if I stayed in Anaheim, I'd probably be on the phone all day.  I do, however, plan on being in Columbus, OH in the fall and in Austin, TX in spring 2013.  While there, I intend on spending much time volunteering as I can.

The Sunday opening session was awesome.  I was adopted by the IBM Power Systems Champions (as I'm a Collaboration Solutions Champion) and asked to share the stage with them.  What a treat. 

The electricity and optimism from IBM and their customers at Common is just unreal.  I'm even more stoked to be running IBM i than ever before. 

See you in Columbus!

Read the original at Steve Pitcher.