[HN Gopher] Bernie Madoff's unwitting accomplice: The AS/400 (2009)
___________________________________________________________________
Bernie Madoff's unwitting accomplice: The AS/400 (2009)
Author : richardfey
Score : 55 points
Date : 2021-11-27 11:13 UTC (11 hours ago)
(HTM) web link (web.archive.org)
| protomyth wrote:
| Calling the iSeries (AS/400) legacy is a bit disingenuous. It is
| a currently developing system with features that aren't
| duplicated in the mainstream. At this point, I honestly crave a
| Unix/Windows alternative to gain some popularity to break the
| tunnel vision of the industry.
| Spooky23 wrote:
| Are there any significant number of iSeries customers that are
| new? Does IBM have people pitching iSeries solutions?
|
| Like the mainframes, they are a great technology, but represent
| a business model that doesn't really exist anymore.
| Accujack wrote:
| It's only software at this point, though. The AS/400 that the
| (short, detail-less) article talks about is very much legacy.
|
| Despite the compatibility IBM builds in, sometimes system
| hardware can't be updated or won't be updated.
|
| IBM kept the defining part of the system and merged it with
| high performing hardware that requires no separate business
| division to support.
| 300bps wrote:
| True curiosity - what features does an AS/400 have that aren't
| duplicated in the mainstream?
| fulafel wrote:
| Single level storage, for one - a flat 128 bit address space
| that covers storage and working memory.
| pjmlp wrote:
| I think the tunnel vision has been breaking down via the "Cloud
| OS" that are running language runtimes directly on whatever,
| basically OS/360 has gone mainstream, but general public still
| think UNIX/Windows matter on the server room.
|
| Similarly the mobile OSes have more in common with such ideas,
| than classical desktop stacks.
| le-mark wrote:
| I don't think down voters are interpreting this post
| correctly. I read it as "serverless or function as a service"
| abstract away the particulars of the host operating system in
| a similar way that os360 did on the mainframe.
|
| It's a valid point but not entirely accurate due to the
| limitations IBM mainframe cics requirement. They say they
| support other languages, but in reality it's cobol.
| pjmlp wrote:
| Yes, that was my point.
|
| Naturally I am not speaking about OS/360 in particular,
| rather the vision that gave us type 1 hypervisors and
| hardware/OS agnostic runtimes.
|
| I am used to lack of vision, many seem to only understand
| what is shown running in front of them.
| Koshkin wrote:
| It is not machines that defraud people - people do.
| Maursault wrote:
| > The IBM midrange systems have a tremendous feature, backward-
| compatibility - anything you wrote 20 years ago can be compiled
| on current systems without any change in source code.
|
| If this is saying OS/400 is backward compatible with old UNIX
| software, then it's kind of impressive. The team that developed
| OS/400 apparently had absolutely no background in UNIX.
|
| Reasons for AS/400 seem to mostly be big finance software and
| municipal software (apparently local governments trying to
| migrate away from AS/400 to Windows municipal software are still
| having serious trouble 5 years later). There are other reasons...
| very stable OS and the rare successful security by obscurity.
| Migrating AS/400 to Cloud is a thing now, but it is still less
| expensive to own and run the equipment locally.
| Accujack wrote:
| He's talking about the binary compatibility of the various IBM
| system lines.
|
| The binaries of AS/400 systems include an intermediate code
| binary representation of the program that can be re-translated
| into a binary for a newer system when one is developed.
|
| If you wrote a POSIX based program in the past on the
| AS/400, it would almost certainly run fine on the newer
| systems. Likewise, AS/400 programs written for AS/400 or
| iSeries chip based systems will run on the modern Power series
| OS/400 systems with a recompile.
|
| There are good and bad sides of choosing to build this level of
| compatibility, but IBM has made doing so a mainstay of their
| business for a long time.
| kilna wrote:
| tl:dr; Guns don't kill people, AS/400s rob people... or
| something.
| sjreese wrote:
| Ha! Any programmer knows you have to simulate a trading system to
| run "What if" calculations .. RPG II a switch based language
| based on the input dataset, so this list of trades will have that
| outcome. A split-strike, you know today as "sectors trading" is
| still profitable. But in RPG II it can be made to look criminal
| for programmers - when all we did was run one group of gold
| mining cards versus gold trading cards where they match we buy
| where they don't we sell. Placed on top of the S&P 2000 we yield
| 1% a day - which to those not familiar with sectors - see as
| criminal. But today it's all legal and cell phone ready. Sorry
| Bernie - the profit was too great to not know about and the SEC
| and FBI were useful tools to get at the source code .. upside we
| have sectors and markopolos has no clue on how to make money and
| can't profit from his look at the code. .. lesson study bitcoin
| and profit
| kloch wrote:
| The key take-away here is that he used a completely separate
| reporting system from the rest of the company. The implication
| that it's relatively obscure hardware was a shield to scrutiny is
| beside the point. Madoff was in charge and if he said this system
| will be separate that's what it would be no matter what it was
| running on.
|
| It's probably the architecture he started with in the
| 1980's/1990's and just kept rolling with it.
| chiph wrote:
| Upgrades on the AS/400 are super easy. You basically cart in
| the new model, and restore from the backup you made from the
| old machine. It then works for a while updating all the objects
| & references, and then you're ready to go.
| kQq9oHeAz6wLLS wrote:
| Can confirm, we did this at a previous company I was with. It
| was actually quite impressive how much of a nonevent it was.
| bborud wrote:
| Not quite sure what I just read. Can someone shed some light on
| this?
| cm2187 wrote:
| Blaming the scam for not having been run on the latest
| generation of AMD CPU.
| thanatos519 wrote:
| That would have been EPYC!
| krylon wrote:
| _Badum Ts_
| belter wrote:
| The real story is that Harry Markopolos sent a 21-page memo to
| the SEC regulators, entitled "The World's Largest Hedge Fund is a
| Fraud".
|
| In it were 30 red flags that he believed proved Madoff's returns
| could not be legitimate. But nobody could even understand it. It
| was no fault of an AS/400 but of something else that also starts
| with AS
|
| "Markopolos: I gift wrapped and delivered the largest Ponzi
| scheme in history to the SEC"
|
| https://youtu.be/uw_Tgu0txS0
|
| https://en.wikipedia.org/wiki/Harry_Markopolos
|
| The SEC would not be able to organize a Party in a Pub like they
| say in the UK....
| KineticLensman wrote:
| > a Party in a Pub like they say in the UK....
|
| (Brit here) "a piss-up in a brewery" is more common albeit less
| polite.
| obiwan14 wrote:
| That's VIP, but then there's this:
|
| > House 17's expressed purpose was to maintain phony records
| and crank out millions of phony IRS 1099s on capital gains and
| dividends, trade confirmations, management reports and customer
| statements.
|
| It's like the _Hit Man: A Technical Manual for Independent
| Contractors_ book [1], which is expressly written as a manual
| to teach even a novice how to commit murder and get away with
| it. The publishers of that book were found responsible when a
| guy used the book in a plot that killed 3.
|
| House 17 was specifically written to facilitate fraud at scale.
| So one can say that it made Bernie's job a lot easier.
|
| [1]
| https://en.wikipedia.org/wiki/Hit_Man:_A_Technical_Manual_fo...
| randycupertino wrote:
| There's a great book by Harry Markopolos and his quest to
| expose Bernie as a fraud for years called No One Would Listen.
| It's a fascinating read although a tad infuriating:
| https://www.audible.com/pd/No-One-Would-Listen-Audiobook/146...
| 1cvmask wrote:
| The tech variant of blaming it on the dog.
|
| "After all, technologies don't scam people, people scam people."
| 300bps wrote:
| I have such a curiosity about the AS/400. The extent of my
| experience with it though was setting up 5250 emulator cards in
| PCs for customers over 20 years ago.
|
| Tempting to buy an old one on eBay and play around with it.
|
| I'll avoid starting a Ponzi scheme with it though. :)
| Angostura wrote:
| If you look _very_ hard, you might be able to find a luggable
| 'laptop' version that was developed in-house for salesfolks to
| cart around for demonstrations
| chiph wrote:
| If you do, blog about it. One of the challenges in getting an
| old mainframe (System 360, 3090, etc) running is getting a
| license for the operating system from IBM. Hopefully acquiring
| one for the AS/400 is easier.
|
| https://www.youtube.com/watch?v=45X4VP8CGtk
| bluepizza wrote:
| Most computer systems running on an AS/400 use the embedded DB2
| database - a well known and understood technology.
|
| Reports would be generated based on the tables, no different from
| an Oracle based stack.
|
| RPG code is fairly easy to understand as well. Any experienced
| auditor or consultant would be able to understand the routines
| easily. Maybe more easily than a Perl or C stack.
|
| I'm no fan of AS/400 for many reasons, but complexity is not one
| of them.
| chasil wrote:
| The DB2 on the iSeries is not built from the same source code
| as mainframe DB2, which likewise is not built from the same
| source code as Linux/Windows DB2.
|
| These may be carefully engineered to be compatible at many
| levels, but they are not the same thing, as Oracle might be as
| it is compiled for its supported platforms.
| russh wrote:
| Legacy RPG code is usually not easy to understand. Each line of
| code can be conditioned with a series of Boolean indicators
| leading to a simple looking but complex spaghetti code. One
| line of code may run if indicators 13, 23, and 90 are set and
| the next only if 56 is set followed by a line that runs if 13
| and 90 are set. You could have 99 indicators plus reserved
| indicator per program.
|
| This leads to pearls of wisdom like "An indicator is like an
| atomic bomb, nice to have but not something you want to use."
| And "if you solve the problem with an indicator, then you'll
| have two problems."
| kibwen wrote:
| I'll dispute that RPG is fairly easy to understand. It wasn't
| designed as a general-purpose language, it's more like an
| alternate universe proto-SQL that was twisted into a general-
| purpose role. With few historical precedents to base it on as
| of 1959, its designers were flying by the seat of their pants,
| and it will be expressly alien to any developer who came of age
| after the early 90s. It's also a product of its time; six-
| character identifiers, eight-character filenames, and don't get
| me started on the fixed format (when I describe this to my
| developer friends, their eyes bug out of their head). _Maybe_
| if we're talking exclusively about the modern C-inspired free
| format, but IME most RPG code was written well before RPG IV,
| and any company that eager to rewrite their code is going to
| have rewritten it in e.g. Java instead.
| ch_123 wrote:
| The System/3x family and RPG were designed for customers who
| were migrating off unit record equipment. Unit record
| equipment was "programmed" by wiring plug boards, and the
| unit record machine would filter, transform, collate (etc.)
| each card in a stack of input cards by applying the rules
| specified by the wiring of the plug board.
|
| With the fixed formatting and "program cycle", RPG was
| intended as a sort of skeuomorph for technicians who would
| have been trained to "program" unit record equipment on a
| wiring diagram. (Contrast the wiring schematic here:
| http://www.righto.com/2017/04/1950s-tax-preparation-
| plugboar... with an RPG template here: https://www.richard-
| banks.org/2014/01/a-little-nostalgia-wit...)
| irjustin wrote:
| What is this. I was hoping to understand how this computer was
| deeply involved in the ponzi scheme but I basically learned that
| he "wrote reports at scale" and no more details.
|
| The whole article reads like a weird, sideways attempt at saying
| "computers are bad, maybe we should regulate their use."
| chriscjcj wrote:
| Agreed.
|
| However, the "_________ are bad; maybe we should regulate their
| use" argument is an interesting one. Depending on what you put
| in the blank, reaction varies wildly. I think most reasonable
| people don't think AS/400s are inherently bad, but would blame
| the individual for their misuse. Plug in "guns," "cars," or
| "drugs," and see what happens. :-)
| perl4ever wrote:
| Toyota pickup trucks are legendary for their use by
| insurgents; I don't see a lot of hand-wringing over that.
|
| Several years ago, I went looking for a digital caliper. I
| settled on one from a certain Japanese company. Later I read
| on Wikipedia that four of their executives were indicted in
| the 00's for fraudulently exporting measuring devices that
| were _too accurate_ and indirectly may have ended up in
| sanctioned countries' nuclear programs.
|
| That seems like a good tagline - "So accurate, it's illegal!"
| marcus0x62 wrote:
| The original article[1] has a few more details, but to my
| reading doesn't blame the AS/400 as helping facilitate the
| fraud in any special way. It mostly talks about a lack of
| oversight and culture of secrecy at Madoff's company.
|
| [1] -
| https://web.archive.org/web/20100129061850/http://www.iddmag...
| dm319 wrote:
| There's a weird link at the bottom which points to a paper by
| Microsoft about how file systems with user permissions are a bit
| like having a centrally-planned economy. Doesn't help you, but
| it added to my confusion.
| sokoloff wrote:
| Exactly. It was an electronic pencil in terms of the importance
| it had to the fraud.
| ch_123 wrote:
| It's worth pointing out that Madoff's AS/400 ran System/36 RPG II
| and OCL code in compatibility mode, which made it somewhat more
| difficult to understand than regular OS/400 code. Nonetheless, a
| consultant was hired to make sense of the code and he was able to
| explain its operation to the court, see:
| https://www.itjungle.com/2016/09/12/tfh091216-story01/
| mseepgood wrote:
| Did Bernie program it himself? I somehow didn't imagine him as
| a computer nerd.
| IMSAI8080 wrote:
| The specific machine type is moot and just clickbait. The way I
| heard this one, the crux was the machine he used was not network
| connected. Madoff needed to be able to calculate customer account
| positions after he already knew the share prices. Due to the lack
| of network the machine needed the prices input manually, which
| introduces a delay. So he could select which shares customers had
| "purchased" after the fact. If he bought modern off the shelf
| software it wouldn't necessarily have this quirk where you could
| retrospectively decide which shares the customer owned. He may
| have found it hard to justify asking someone to write new
| software for a new machine with this feature without them getting
| suspicious. So he kept the old machine going.
| noisy_boy wrote:
| > If he bought modern off the shelf software it wouldn't
| necessarily have this quirk where you could retrospectively
| decide which shares the customer owned. He may have found it
| hard to justify asking someone to write new software for a new
| machine with this feature without them getting suspicious. So
| he kept the old machine going.
|
| As mentioned in the link referenced by this comment[0]:
|
| > Perez and O'Hara were found guilty for their role in the
| fraud, and were sentenced by U.S. District Judge Laura Taylor
| Swain to two-and-a-half years in prison, which was the minimum
| sentence.
|
| So even for the old machine that they continued to use, its
| programmers were found to be guilty i.e. they knew what they
| were doing was wrong.
|
| [0]: https://news.ycombinator.com/item?id=29359292#29360041
| IMSAI8080 wrote:
| I see. So they had also added features to it that had enabled
| the fraud. It wasn't just that the older software was accidentally
| convenient. Either way the AS/400 angle is not really
| relevant.
| _jal wrote:
| It looks like a columnist attempting to bootstrap the argument
| that legacy systems foster lack of oversight, or something like
| that.
|
| And failing.
| [deleted]
___________________________________________________________________
(page generated 2021-11-27 23:01 UTC)