Sunday, 31 July 2022

IBM second quarter figures

I don’t usually look at IBM financial quarters, I tend to be more focused on the tech and the wellbeing of the people using tech – and quite often on the choices facing decision-makers about which tech to buy – however, this quarter, the results are interesting in that they show just how much even major tech companies are affected by world events and the mood of the market.

Let’s look at the headlines. The figure for sales was $15.54 billion, which is up from $14.22 billion in the corresponding quarter last year. Although, bear in mind that the figures have been adjusted to allow for discontinued operations – in this case it’s mainly for Kyndryl, the managed infrastructure-service business, which was spun off.

As you’ll remember, IBM began selling its z16 mainframes during the quarter, which lead Z systems sales to jump 69%. In the previous quarter, sales had declined by 19%.

The figure for net income was $1.39 billion, or $1.54 a share. This figure is also up from the same period last year of $1.47 a share. The adjusted earnings per share, which exclude stock-based compensation expenses and other items, were $2.31. Again, this is up from $2.23 in the same quarter of the previous year.

And yet, on the day that the figures were announced, IBM’s stock dropped 6.4% on Wall Street.

IBM, which earns a lot of its revenue overseas, has been hit by the fact that the US currency has surged to its highest level in 20 years recently. The dollar is strong because the Federal Reserve was quick to raise interest rates in an effort to cool inflation. Higher interest rates typically attract foreign investors, driving up demand for the currency. The downside for companies like IBM is that it suffers in sales abroad because the strong dollar lowers the value of its international sales and makes them less competitive compared with potential local rivals, and, of course, companies offering alternatives to mainframes.

The war in the Ukraine is also having an impact. IBM management has called for $10 billion in free cash flow for all of 2022. This figure is down from the range of $10 billion to $10.5 billion that IBM provided in April. Part of the reason for this change was IBM suspending its business in Russia, which it did because of Russia’s invasion of the Ukraine. The business in Russia has been highly profitable for IBM.

Looking at some of the results in more details, we can see that hybrid-cloud revenues were up 18% to $5.9 billion in the quarter. Software unit revenue increased 6.4% to $6.2 billion, which wasn’t as much as people had estimated it would be. Whereas consulting sales beat the estimates increasing by 10% to $4.8 billion. Red Hat sales increased by a disappointing 12%. Disappointing because it was the lowest increase since IBM acquired Red Hat in 2019. A significant portion of IBM’s revenue came from sales to Kyndryl.

The gross margin was 53.4%, which was ahead of the 52.9% expected, but not as good as last year’s figure of 55.2%. The decline has been attributed to increasing labour costs and also the increase in the price of components. This a problem that businesses in many countries are facing following the pandemic and with the world situation as it is.

So, it’s clear that large corporations like IBM can be working their socks off to ensure that they have a good product to sell and that they are able to sell their products across the globe, however, they are still subject to all the same pressures as other companies – like inflation, high interest rates, high labour costs, high component costs, a post-pandemic world, and war in the Ukraine – a country usually referred to as the breadbasket of Europe. Each of those issues, or their immediate aftermath, will still be with us at the end of the next quarter. One can only wonder at impact those issues will have on small and some medium-sized companies, and whether they can successfully remain in business. And one must wonder what the fall out will be on the global economy if those companies do start to collapse.

Sunday, 24 July 2022

Password fatigue

Life was so much easier when the only password you needed to remember was 123456, or 123456789, or qwerty, or password, or 111111, or any other very simple to remember and easy to hack password. In fact, in those days, there were fewer websites that you needed to login to. But now, we need to remember more complex passwords, and, hopefully, more of them. And people are getting password fatigue. In fact, according to LogMein, the average business user keeps track of a whopping 191 passwords.

According to Wikipedia, “Password fatigue is the feeling experienced by many people who are required to remember an excessive number of passwords as part of their daily routine, such as to login to a computer at work, undo a bicycle lock, or conduct banking from an automated teller machine (ATM)”.

According to an Infographic from Yubico produced in 2019, on average, people spend 10.9 hours per year entering and/or resetting passwords. This, they estimate, costs organizations $5.2m per year.

The trouble with passwords is that unless they are secure, there is really no point in having them. So, most places that you need to login to enforce strict password rules. For example, your password can’t match your username, plus it must be a certain length (which seems to be increasing all the time), and it has to contain a variety of characters (upper/lowercase letters, numbers, special characters). And just when you think you’ve memorized the password, you find you need to change it every 60 days (or some other number). And you probably can’t re-use and old favourite password until a very long period of time has passed, or enough other passwords have been used.

For businesses, the need for passwords to be secure is critically important. They can’t have passwords stuck on the side of a computer. They can’t tolerate people sharing passwords. The big issue for businesses is hackers and ransomware. Too often, hackers are finding a password that someone uses for one account is also the password they use for a more secure and important account – for example their bank account. Using a known email and password combination gives them access to other sites.

In addition, the dark web is full of stolen userids and passwords that hackers share. Unless passwords are regularly changed, an old list of passwords can be as effective for hacking purposes as a more recent list. Once hackers gain access to your network, they can corrupt backups, encrypt databases, and demand payment in bitcoins to make those corporate files available again. And all because the organization wasn’t stricter with its password policy.

So, what can people do about the plethora of difficult passwords that they need to remember? The obvious solution is to write them down on a Post-It Note (or similar) and stick it to your computer screen. Hopefully, the days of people doing that have passed – but you may know different where you work! To make memorizing passwords easier, about half (51%) of the people in the Yubico survey simply rotate the same five passwords across their work and personal accounts.

Using three or four random words together is a great way to beat password-cracking software. You might choose ‘hatcarlaughing’ or something similar. The password is very hard to crack, however, people would still get password fatigue trying to remember 191 different passwords like that during the working day.

So, what can organizations do in order to help their employees overcome password fatigue and keep their network safe from hackers? There are a number of solutions available.

Biometrics solutions seem like the most obvious. You always have your eyes or fingerprints with you. However, the technology can be quite expensive and not always completely reliable.

To overcome the need to remember so many passwords, employees could use a password manager. Staff create a repository of the passwords they use, and the software presents the appropriate one when a login screen appears. Members of staff don’t need to remember the password, so those passwords can become even harder to crack. Using a password manager makes password fatigue a thing of the past. The problem arises when trying to login from a different device,

Multi-factor authentication (MFA) is another way to maintain security and reduce password fatigue. Obviously, it adds another step to the login process, but it does make things more secure, so the password used can be much shorter than might otherwise be the case, and therefore easier to remember.

Single sign-on allows members of staff to sign in only once to gain access to all the software and devices associated with that account. That makes things easier for the user.

As mentioned above, password fatigue can cost companies money and can make the life of employees difficult. It makes sense for an organization to look into ways that it can help staff avoid password fatigue, get on with their work, and keep the organization secure.

Sunday, 17 July 2022

Have your own personal mainframe

It was the year that I first started working on mainframes. Can you guess when it was? Leg warmers became fashionable. The first Happy meals were available from MacDonald’s. Walkmans became available from Sony. Trivial Pursuit became available. Pink Floyd released “The Wall”. Margaret Thatcher became prime minister in the UK. The USSR invaded Afghanistan.

Lots more happened, and the year was 1979.

The first mainframe I ever worked on had lots of flashing lights on it and it looked the way mainframes did in films and on TV. It was soon replaced by a 4341 model. Those were the days of removable DASD and lots of tape decks. We even had a paper tape reader and one user who sent stuff on paper tape to be input into the computer. And, yes, the paper tape did rip from time to time. Of course, there was also a card reader and a card punch. And lots of 11-inch multiline stationery going through the printers. And people would come along and collect their printouts.

It was such a different world.

The reason I’m taking you on this trip down memory lane is because, it seems, you can now recreate your own MVS Version 3.8 system. I think Version 3.8 came out in 1981.

If you go to https://wotho.ethz.ch/tk4-/, you can get hold of The MVS 3.8j Tur(n)key 4- System. The documentation tells us that MVS 3.8j Tur(n)key 4- ("TK4-") is a ready to use OS/VS2 MVS 3.8j system built specifically to run under the Hercules System/370, ESA/390, and z/Architecture Emulator. It is an extension of the original MVS Tur(n)key Version 3 System ("TK3") created by Volker Bandke in 2002. This version was written by Jürgen Winkelmann, between November 2013 and September 2016.

Now, someone calling themselves rattydave has created a Docker container containing a fully-running MVS 3.8j. You can find it here. Rattydave also has a fully-running Version 3.0 of IBM's Time Sharing System/370. You can find that here. Obviously, and fully credited, this Docker version uses the work of Bandke and Winkelmann.

The 'usage' section explains how to connect a 3270 terminal. It also describes how to add a full-function console when running in unattended mode. It uses a TN3270 emulator. The notes describe how to get basic TCP/IP support, and there are some useful getting started notes.

I just thought it would be quite interesting to know that you could use Docker, a very modern way of working on a mainframe to recreate a 3033 mainframe environment from the early 1980s. It seemed like a piece of coding fun that mainframers might well be interested in – particularly if they remember working on MS 3.8 back in the day.

It’s worth mentioning Hercules, which is an emulator that allows mainframe software to run on other computer hardware, eg PCs. It works with Linux, Windows, and even on Macs. It’s written mainly in C, and development started in 1999 by Roger Bowler.

Although it works with all mainframe operating systems, licences are required to run newer versions of mainframe operating system.

Interestingly, I’ve seen that it’s possible to run the software on a Raspberry Pi and recreate an old-time mainframe on one of the smallest computer platforms around.

IBM has its ZD&T Personal Edition, which lets a user run an IBM Z distribution on a PC running Ubuntu. The software can create an environment for mainframe application demonstration, development, testing, and education. It enables z/OS, middleware, and other z/OS software to run on Intel and other compatible computers. ZD&T Personal Edition emulates z/Architecture with virtual I/O and devices.

And, of course, you can now run mainframes in the cloud with IBM’s Wazi as a Service. The set-up is only available for development and testing, but it is another way of accessing mainframe systems from a completely different system and without an actual mainframe being involved.

I just thought it was interesting to see how mainframes could be emulated on other platforms, and how old ‘timey wimey’ (as Dr Who used to say) systems could be brought back to life.