Now Reading
a pre-CDE VUE of the PA-RISC with a safety clearance

a pre-CDE VUE of the PA-RISC with a safety clearance

2023-01-15 18:08:58

Regardless that I am a Energy ISA bigot by means of and thru (typed on ppc64le!), to this present day I nonetheless have an everlasting candy spot for Hewlett-Packard’s PA-RISC “Precision Structure” as a result of it was my first job out of faculty. It does not damage that it was one of many saner RISCs, with a reasonably clear instruction set apart from its odd deficiency with atomics, and was fairly a piledriver in its day as a consequence of its cache association and early adoption of SIMD. We ran HP-UX 10.20 on an enormous K250 the place I developed database functions on Informix, later upgrading it to an L-class one thing or different (I believe an L2000). After I was nonetheless consulting for the college considered one of my duties was even establishing a Visualize C3750 workstation, which was a silly quick machine on the time and I am certain served very properly for them doing protein visualization. Heck, if Commodore had caught round longer, we would actually have had a PA-RISC Amiga as an alternative of the fashionable third-party PowerPC techniques. (I’ve received another wacky PA-RISC machines round right here I would introduce you to later.)

The college solely used the large stuff, although, not “low finish” pizzaboxen just like the versatile and (comparatively) ubiquitous 9000/712 “Gecko,” which in addition to being a well-liked 1990’s RISC workstation of its personal — id Software program had one throughout their NeXTSTEP days — turned up because the system base in different shocking locations. One among these was HP’s personal Agilent 16505A protocol analyser, and one other was as the idea of the MIL-SPEC SAIC Galaxy transportable workstations.

That dovetailed properly with considered one of my main amassing specialties, which is non-x86 portables — I am not simply speaking PowerBooks and ARM right here, buddies, and we’ll discover a few of these machines at a later time as properly. However as a result of these machines had been typically in labeled or high-security environments, few escaped to the surface world and my present verified rely of present machines is simply 5, together with my very own. I managed to accumulate a damaged (like, actually fractured) Galaxy 1100 quite a few years in the past and tried gutting a 16505A to restore it however by no means received it previous the boot display, so when a working one turned up in March 2019 I jumped on it. This unit, which solely required a minor quantity of case restore, received refurbished with a SCSI2SD and a contemporary set up of the PA-RISC port of NeXTSTEP 3.3, and runs it splendidly.

In reality, you’ve got already briefly met this machine: it is one of many check containers for Crypto Ancienne, which might bolt TLS 1.3 onto OmniWeb, NeXTSTEP’s major browser, and was one of many first articles I wrote for this weblog making an attempt to determine how to get a screenshot from its video port. A few of you will have even met it in particular person when it was a (common) exhibit for Vintage Computer Festival 2019.

However now I’ve managed to land a second working unit, and evaluating their authentic arduous drives has been an fascinating dive into the safety bowels of the U.S. federal authorities (particularly since these models can truly boot them, not like my useless Apple Network Server prototype from Netscape/AOL). Plus, it appeared like a superb alternative to speak in additional element about their internals and their historical past, take a tour of HP-UX and HP VUE previous to the “one ring to rule all of them” of the Widespread Desktop Atmosphere, and what this 16-pound tank of a transportable workstation was truly used for … and why it is best to all the time clear your cache on a safe system lest somebody like me discover the arduous disk many years later.

Earlier than all that, although, a droll story from the military-industrial advanced.

In 1982, the USA Chief of Naval Operations sponsored the Desk-Prime Laptop (DTC) program to offer a typical fleet normal for “tactical choice help”; at some unspecified level the acronym advanced particularly to “Desktop Tactical Laptop.” For value causes the CNO selected an off-the-shelf system quite than demanding TEMPEST and MIL-SPEC compliance. Whereas the Hewlett-Packard 9836U and 9020A techniques had been initially chosen, the HP 9020C (also called the 9000 Mannequin 520C, primarily based on an 18MHz FOCUS CPU) received out and have become broadly deployed. DTC-1 was the primary of the U. S. Navy’s a number of deployments of Hewlett-Packard microcomputers. Though the following DTC-2 deployment used Solar-4 {hardware}, the Navy returned to HP for what was renamed the “Tactical Superior Laptop” with TAC-3, deciding on the HP Apollo 400 sequence.

In 1993, the Navy issued a solicitation for the most recent iteration of TAC, TAC-4, meant as “the following technology of pc workstations, software program, help companies and logistics in help of Naval necessities, afloat and ashore. It is going to present the ‘frequent engine’ for mission and mission help functions, tactical, and non-tactical.” Regardless of simultaneous proposals from Solar and Digital, HP landed the contract once more for an estimated US$672.6 million (about US$1.39 billion in 2023 {dollars}), the most important HP ever dealt with to that time, which included {hardware} and software program deployment for a number of working environments together with upgrading the prevailing TAC-3 machines. HP crammed this want with their up-and-coming PA-RISC {hardware}, specifically the 9000/712 workstation as a desktop consumer together with different 9000/700 machines just like the /743i, /744 and later the J210, step by step shifting to extra standard PCs and Intel servers because the multi-year contract progressed. TAC-4 was an enormous deal to HP and the hassle was hardly secret; HP even printed up giant stickers like these, and TAC-4 branding was additionally a part of the working system as we’ll present. (Dig the Worldwide Code of Indicators flags for Tango Alfa Charlie, although that mixture of flags doesn’t suggest something in ICS.)

A mission this large inevitably required companions, similar to Harris Company, who offered safety software program and community help for TAC-4’s IT infrastructure. One other a part of TAC-4 was delivering a transportable MIL-SPEC ruggedized system for extra hostile working environments, one thing HP did not have of their product line. For this work HP subcontracted with Science Functions Worldwide Company (SAIC), then primarily based out of San Diego and the dominant supplier of tactical transportable workstations for the Division of Protection. SAIC already had in depth expertise with making powerful {hardware}, most notably their RSC-1X, a reworked SPARC-based RDI BriteLite armoured in a steel shell and a pressurizable outer case made from metal.

This explicit machine did not have to be that powerful, nevertheless it wanted to be powerful sufficient: the Navy specified FED-STD-101C, Technique 5007.1, requiring it to outlive a number of 30″ drops onto concrete of every of its faces with out structural harm. There was no TEMPEST certification requirement; it appears just like the Navy was primarily concerned with a pc that would merely take some punishment. It additionally needed to be quiet sufficient (MIL-STD-740/1, Desk 1 Class C), transportable sufficient and self-contained sufficient so that somebody may pull it out of a provide closet, plunk it on a desk, plug in community and energy and instantly have a fully-functioning pc. And that was the SAIC Galaxy.

The SAIC Galaxy household consisted of two techniques, the 1000 and the 1100. Each the 1000 and 1100 had been basically recased 9000/712 workstations with minor {hardware} modifications and customized added electronics, however all the techniques I’ve seen together with mine are Galaxy 1100s, primarily based on an 80MHz PA-7100LC (the 1000 reportedly ran the 60MHz model).

This is a closeup on the identification plate, positioned on prime with the keyboard.

The techniques, for being large off-white plastic bricks, are surprisingly ergonomic. Folks at VCF raved in regards to the 10.4″ LCD display, which is impressively brilliant, sharp and vibrant (particularly for 1994), supporting as much as 1024×768. The keyboard is full-size with first rate journey, and SAIC thoughtfully included easy-clean soft-touch wrist help pads with buttons on both facet of the trackball for no matter handedness you require. Since ships inevitably take care of water, a keyboard overlay made it a minimum of partially proof against spills and splashes, although I’ve solely considered one of them. A clasp within the entrance locks the lid shut when closed.

If the monitoring numbers are in any respect sequential, my authentic machine on prime is the older one, although nothing appears to have a date of manufacture or meeting printed on it besides the arduous disk and a few of the chips (and these could have been replacements). Additionally be aware the “shipboard shock hazard,” betraying its raison d’être.

The machines may completely be used as “standard” workstations with the lid closed and linked to exterior gadgets. Closing the lid doesn’t energy it off or sleep the system. Switches within the again choose the inner keyboard and trackball supported by modifications to the 712’s logic board, or you might connect a PS/2 keyboard and mouse. Headset output and two audio inputs, DE-9 RS-232 serial, VGA, parallel, SCSI and Ethernet (AUI or twisted-pair) full the port choice.

The outer case is completely impact-resistant plastic. On this view, the rear with ports is dealing with north and the entrance with the facility swap and three.5″ floppy drive is dealing with south. The underside is elevated off the bottom on rubber toes and by the cross-hatched sample of ridges each for air flow and if it received positioned on a moist floor. In direction of the entrance are three bolts organized in a proper triangle and 4 screws to the fitting of that in a vertical rectangle. These restrain the floppy drive and arduous drive respectively.

The 2 entrance corners have lengthy lag bolts that join into shrouded screw holes; the entrance centre holds a smaller, shorter bolt. With these eliminated, the keyboard lifts as much as reveal the inside. We see the underside of the keyboard and trackball, plus the facility provide, the logic board, the accent playing cards and the floppy drive bolted on prime of the SCSI arduous disk. Whereas the within is not significantly packed effectively, it is also simple to entry all of the elements and impact discipline repairs, which would appear extra essential than any modest financial savings in inside quantity.

The underside of the keyboard and, on the prime, the trackball. The board is dominated by a big Datel DC/DC converter, ribbon cables for the matrix and energy traces. The “hazard” warning is not kidding: after I was engaged on the unit with A/C energy linked, I by accident contacted the energized energy provide beneath it and received a nasty if fortuitously minor shock. All the time use one hand when engaged on a doubtlessly reside circuit.

The facility provide itself is the usual HP 0950-2356 (APS-61) 70W provide manufactured by Sony, the identical energy provide within the 9000/712, offering 3.3V, 5V and 12V DC. It accepts 100-240V AC with out adjustment, which was on no account assured on all computer systems within the mid Nineteen Nineties. The primary energy block goes to a small customized interposer board that not solely redirects the logic board’s energy pin headers 90 levels for house financial savings but in addition bleeds off traces to energy the keyboard and run the primary fan as an alternative of utilizing the logic board’s fan connector. The facility LED and arduous disk exercise LED are on the backside left subsequent to the facility button.

The logic board is a modified 9000/712 A2877A 80MHz system board. The pink, white, blue and orange wire bundle runs from the keyboard and trackball, by means of the rear enter gadget switches in sequence which act as cutoffs, and to solder factors on the again of the logic board. The brown wires and the gauze-covered material ribbon undergo the show hinge to the LCD, which we’ll speak about once we get to the growth slots.

The 80MHz PA-7100LC processor is below the blue steel heatsink; the crystal south of that serves as the primary system oscillator, a 160MHz half divided down by 2 for the CPU clock. The PA-7100LC is a 2-way superscalar core that helps MAX-1 SIMD and has two integer models and one floating level with a five-stage pipeline. The CPU instantly attaches to the bus and has its personal onboard reminiscence controller (MIOC). PA-RISC techniques are uncommon for supporting a number of ranges of L1 cache, and generally of large measurement: right here, the PA-7100LC has 1K internally that prefetches from a further 256K of instantly connected direct-mapped exterior L1 to the left of it. On prime of that, not like most processors, the PA-RISC cache is bodily tagged however nearly listed. The 60MHz board has simply 64K of exterior L1 which hobbled the slower board much more than the clock velocity would recommend, and though the PA-7100LC is without doubt one of the minority of PA-RISC processors that would help L2 cache, the /712 logic board has no provision for it.

There are solely 4 RAM slots on the 60MHz and 80MHz boards which take 72-pin 60ns FPM ECC SIMMs as much as 32MB, so the restrict is 128MB. Reminiscence should be put in in pairs from the entrance going again; this machine has two 16MB sticks for 32MB of RAM, however my NeXTSTEP system has 4 32MB sticks for the utmost 128MB. 64MB SIMMs exist however aren’t recognized to exceed the logic board most (the 100MHz variant can take six sticks for a ceiling of 192MB, however SAIC by no means used that board).

Additionally identifiable are the Western Digital WD37C65C floppy disk controller (dated thirty fifth week 1995), the Crystal CS4125 16-bit “Concord” audio chip (1st week 1996), a Fil-Magazine 78Z1120D-01 10BaseT interface (thirty fifth week 1995) and a Maxim MAX211 RS-232 serial transceiver (1st week 1996). Each my models have model 2.2 ROMs which appears comparatively current. Not seen listed below are the Intel 82C596CA 10Mbit Ethernet controller, the HP 1FT1 LASI (“LAN SCSI”) ASIC containing the NCR 53C710 Quick & Slender SCSI-2 controller in addition to the system bus logic, and the HP 1FU2 CRX Artist onboard graphics ASIC with 1MB of VRAM, all on the underside of the board.

On the backside of the board are the facility connector, the SCSI pin header (the cable is not keyed, so be careful), the speaker cable (pink/black wires), the fan connector (unused on the Galaxys), and the floppy disk pin header. This can be a common 34-pin PC floppy disk connector, although it wants a twisted floppy disk cable to correctly choose the only disk as drive 0. You do not want the floppy linked to run the system, which makes it a bit simpler to work with when you’re simply slinging SCSI disks. Each arduous disks had been Seagate Hawk ST32151N 5400rpm SCSI-2 “slender” (i.e., 50-pin) drives.

The Galaxy has a bizarre growth setup layered on prime of the /712’s already oddball collection of slots. The LASI ASIC implements the GSC (Basic System Join) bus typical of different PA-RISC workstations of this technology, however that is the place the similarities finish. As a substitute of the extra frequent 100-pin slots on different GSC techniques, the 9000/712 has an 80-pin slot known as GIO (Basic I/O?) meant for video, community and HP-IB choices, and a 30-pin “Teleshare” or TSIO (Teleshare I/O?) slot that supported solely a single card implementing telephony and fax/information modem performance.

The GIO slot within the Galaxy is occupied by a second graphics card, a customized SAIC job which appears like a second CRX Artist card to the working system and makes use of the identical HP 1FU2 ASIC. It carries 2MB of VRAM on the cardboard, identical because the on-board Artist graphics (the A2263-66520/A4025A VRAM card put in in entrance of the SAIC graphics board upgrades the on-board graphics to 2MB). 2MB Artists help as much as 1280×1024 with 8-bit color enhanced by HP Shade Restoration, which makes use of a particular DSP to implement a 24-bit visible in {hardware} with minimal dither artifacts.

Though the SAIC Artist card could have been derived from it, this card is unquestionably not the identical because the A2878-90010/A2878A second monitor card. Not like the A2878A, which can’t act because the console, the SAIC card not solely can however does so by default as a result of it, not the onboard Artist, drives the LCD (and a few of the LCD video {hardware} is on the cardboard as properly). This yields the atypical state of affairs the place the built-in show is definitely the secondary one; the first show is in actual fact the exterior VGA connector which is all the time accessible. As there are two Artists within the Galaxy, it may well help twin shows.

The opposite oddity in regards to the SAIC Artist card is what it is linked to. The Galaxy’s official growth slots are literally PCMCIA, although I solely know of a 14.4Kbps fax modem card developed for these slots and I’ve by no means personally seen it. The PCMCIA slots are carried out by one other SAIC-specific card bolted to the again of the SAIC Artist that appears like a GSC Wax EISA bridge to the machine — similar to what you’d discover in an HP 9000/745 — however the variations of HP-UX 10.10 that got here with these techniques even have a module to help it and name it a “Cirrus PCMCIA Adapter” (the notation “Chip Rev. 05H” additionally seems within the kernel messages). The SAIC Cirrus card is notionally within the TSIO slot however jumpers on the SAIC Artist card, which specify if the Artist card is alone or “W/WAX-EISA” linked, recommend that Cirrus is a minimum of partially depending on the Artist card for perform and presumably makes use of a few of its bus traces (the cardboard even calls itself “GSC WAX-EISA” as an alternative of TSIO). Since legacy pre-CardBus PC Playing cards are carried out as EISA, the Cirrus board makes use of the identical Texas Devices TACT84500 EISA bridge chip because the common HP Wax bus bridge.

When powering it on, the facility LED flashes till it enters the kernel and begins flashing once more when it returns from it (letting you already know it is protected to energy off). The boot display on my “large” 128MB NeXTSTEP Galaxy appears like this, taken with an Inogeni VGA2USB3 seize gadget linked to the exterior video. I set it to 640×480 as a result of that is the one 60Hz mode the Artist helps and the VGA2USB3 does not like different refresh charges. When you press ESCAPE right here, you may go to the boot monitor.

Displaying {hardware} data. Discover the console path is graphics. If it had been set to the inner show, the console path can be graphics1. Once more, this was not supported with the official HP second monitor card.

Exhibiting the video choices. The inner show is amusingly known as “elective” and has a 62Hz refresh price.

It is time to begin the working system.

SAIC HP-UX 10.10

Each of my machines got here to me with HP-UX 10.10; what was loaded on prime of that’s, after all, the present matter of curiosity. Naturally they’ll run Linux or NetBSD, however the place’s the enjoyable in that? They will run 10.20 advantageous, 11.00 badly, not least due to its bigger measurement (you’d need a minimum of the total 128MB of RAM), and 11i previous v1 in no way. It is attainable later kernels do not help Cirrus, however until you’ve got and require the SAIC PCMCIA modem card, that is undoubtedly no perceptible loss — NeXTSTEP does not help it both. Nevertheless, it is also notable that neither of those techniques have any later model of HP-UX put in regardless of the size of time they had been apparently in service (10.20 got here out in September 1996).

There is no such thing as a proof that the Galaxys had been ever bought commercially exterior of their HP subcontract, although clearly some made it to the surface world like these models right here, presumably by means of surplus resellers or scrappers and the like. That stated, the latest addition to my assortment wasn’t a TAC-4 system however quite vanilla HP-UX 10.10 with SAIC customized branding. We’ll name this our “civilian” machine.

The reseller I purchased it from stated they could not break into it and thus had been promoting it as is (and knocked 25% off as an enticement). We are able to change the basis password by bringing the kernel up single-user, however this explicit machine surprisingly has an older model of the HP-UX Preliminary System Loader (ISL), particularly model A.00.25 dated November 10, 1992, and I believe the totally different syntax it requires threw off the vendor. We convey up ISL from the boot monitor with boot major isl as an alternative of simply boot major (right here abbreviated to bo pri isl) and ordinarily would then give ISL the hpux -is command, however this model of ISL additionally wants you to specify the place the kernel is (hpux -is /stand/vmunix).

I did somewhat exploration whereas the machine was in single person. The BR2325 lithium battery had after all gone to the nice recycling bin within the sky, so it was getting the time from the filesystem, and right here time had stopped at 12:18pm, January 26, 2001, U.S. Jap Normal time. Apart from my reboot and the reseller fruitlessly bouncing it up and down, the final console login was root at 6:10am on the identical date. That seems to be the final time this machine was legitimately powered on in its prior life.

Apart from root, the one different person account with a password (there isn’t any shadow password on this model of HP-UX) was an account jpo (brief for jpoco, within the GECOS discipline) with a house listing /usr/jpo (not in /house). There have been comparatively few recordsdata right here and solely the default .profile (the person’s shell was Korn shell) and graphical login setup, however .sh_history had some fascinating stuff like

echo $PS1
PS1="Your order, your highness"
PS1=Your order, your highness
PS1="Your order "

which looks as if somebody was taking part in round with the field, however in a while there’s extra critical stuff like

mv ./tic cols
man PATH
cat /and so forth/default/login
discover / -name default 2>/dev/null
cat /and so forth/default
cat /usr/newconfig/and so forth/default
vi autopvcs

which appears extra in line with developer work. None of those instructions are after all timestamped. This person’s final login in wtmp was April 17, 2000.

uname stated

# uname -a
HP-UX laptop01 B.10.10 A 9000/712 2008790574 two-user license

revealing its hostname because the supremely unoriginal laptop01, in case your lap is the dimensions of André the Large’s. However that wasn’t its first host identify, as a result of there was additionally leftover mail to root from the system in /mbox and /var/mail/root, each timestamped January 1, 2000, and the mailboxes element a minimum of some portion of its historical past. On January 20, 1997, it was within the U.S. Pacific timezone named grasp and had a category A IPv4 deal with beginning with 15.*, which on the time was completely Hewlett-Packard’s vary. On February 24, 1997, its hostname was modified to mygal and it was given a nonsense deal with On March 11, 1997, it was relocated to the Jap timezone and renamed laptop01, however configured as “a standalone system” with out a community deal with. That notification was the final mail message to root.

jpo had some mail, too, however just for a couple of days in February 2000. Amongst different issues,

From jpo@laptop01 Mon Feb  7 05:19:24 EST 2000
Acquired: by laptop01
        ( id AA011208764; Mon, 7 Feb 2000 05:19:24 -0500
Date: Mon, 7 Feb 2000 05:19:24 -0500
From: jpo@laptop01
Return-Path: <jpo@laptop01>
Apparently-To: jpo@laptop01


#       ####### #     # #######
#       #     # #     # #
#       #     # #     # #
#       #     # #     # #####
#       #     #  #   #  #
#       #     #   # #   #
####### #######    #    #######

######  #     # ####### #     #
#     # #     #    #    #     #
#     # #     #    #    #     #
######  #     #    #    #######
#   #   #     #    #    #     #
#    #  #     #    #    #     #
#     #  #####     #    #     #

I will assume these had been check messages, but when they weren’t, I hope they had been very completely satisfied collectively. Apart from comparable messages and one piece of bounced mail, that was it. There was nothing previous February 7, 2000.

I blanked out the basis password and introduced it up multi-user.

(I will be aware right here for veracity that I’ve cheated barely to get these pictures, although I am precisely relating the steps I really took on the time. The screenshots had been truly acquired barely later after I correctly configured the system and logged in as root over Telnet, setting DISPLAY to :0.0 and retracing my steps taking grabs off the framebuffer with xwd -screen -root. Sure, it’ll even allow you to try this of the login display. For the current functions of the story, kindly pay no consideration to the person behind the scenes.)

These of you skilled with legacy proprietary Unixes and older {hardware} would possibly suppose that is simply an oddball Widespread Desktop Atmosphere (CDE) login, nevertheless it’s not, and it isn’t simply the SAIC branding both. As a substitute, that is CDE’s instant ancestor, the HP Visible Person Atmosphere (VUE). The model we’ll be utilizing is 3.0, the ultimate model of HP VUE initially launched with HP-UX 9.0. My HP-UX 8.0 9000/350 runs VUE 2.0, the unique VUE launch for HP-UX and an upgraded port of VUE 1.0 that ran on Apollo Area/OS after HP acquired them. HP-UX 10.20 in 1996 was the final model of HP-UX to ship with the HP Visible Person Atmosphere (VUE) as an choice and the primary to help CDE, three years after HP, IBM, Solar and Unix System Laboratories agreed to stop hostilities within the “Unix Wars” and develop a typical person interface to battle their mutual enemy Microsoft.

The visible similarities aren’t any accident: CDE was instantly descended from VUE, itself primarily based on Motif and the Motif Window Supervisor (mwm), so CDE additionally turned primarily based on Motif. Whereas the opposite events contributed numerous elements to CDE, HP VUE had probably the most influence on the person expertise; even the configuration recordsdata had been comparable sufficient such that HP may provide a largely computerized migration software to transform them. We’ll level out a few of the (principally minor) interface variations as we go alongside.

Just like the CDE login display, vuelogin offers you a collection of session varieties. You may restart the server (the window server), use a text-only login, show copyright messages, log right into a minimal fail-safe session with mwm and a single terminal console window (I will present this later), a HP VUE Lite session or a full HP VUE session. You can even choose from any of the put in languages.

VUE Lite is a modest trimming of the core, that includes “enhanced system efficiency by omitting full icon-based file administration, full session administration, and file annotation” (per the three.0 handbook). I discovered little efficiency distinction between the 2 on this technique, however machines which might be even slower or with comparatively extra constrained RAM might even see a constructive enchancment.

The copyright messages spill over the display to the underside and are the identical as you get logging in (proof momentarily). Luckily you possibly can simply press RETURN/ENTER if the OK button is not seen.

The Assist button shows a proof of the choices with a mildly unprofessional typo. My spouse the English instructor has volunteered her proofreading companies to Hewlett-Packard for a extremely cheap hourly price. We’ll let you already know.

Properly, let’s log in.

The VUE copyright messages, the identical kind of display you’d see logging right into a CDE session, and precisely the identical because the malproportioned window’s.

The root account was not pristine; the earlier person (jpo?) had it set as much as launch a terminal window as an alternative of the default “Welcome” assist doc. CDE’s session administration additionally hails from VUE.

The obvious distinction, nonetheless, is the entrance panel. Out of the field I discover VUE’s extra purposeful than CDE’s: not solely do you’ve got six default workspace shortcuts (“One” by means of “Six”) as an alternative of CDE’s default 4, in addition to the identical clock, mail, model supervisor, printer, filer, trash, app drawer and assist shortcuts, you even have a CPU load indicator and devoted shortcuts for managing the workspaces or opening a terminal window or textual content editor. And people are stuff you do loads. HP’s badging is somewhat gratuitous however we’ll grant them the indulgence (it simply offers you an about field when you click on on it).

Our first order of enterprise will probably be to get the community up, and for that we’ll want SAM, the Software program Computerized Mouth on your Commodore 64 pc HP System Administration Supervisor. Like “smit occurs” in IBM AIX, and Solaris again within the day had admintool, HP-UX has sam. Whereas you are able to do these duties on the command line, sam definitely does make them simpler to find.

sam, like smit, has each graphical and textual content shells. The graphical shell integrates properly with VUE with icons and home windows, quite higher than the AIXwindows variant of smit which simply has little menu buttons to press.

There’s additionally a considerable quantity of interactive on-line assist.

As an illustration, we’ll take a look at the graphic choices first. I discussed that there are functionally two Artist graphics adapters put in, so it has two shows. VUE is simply arrange to make use of the LCD and the second show is greyed out.

When an object is chosen, you possibly can carry out actions on it. VUE helps multi-screen and “single logical display” (spanned desktop) configurations. We do not have a second show linked to this nevertheless it’s good to have the choice.

Let’s have a look at what’s put in.

Not an amazing deal over the bottom set up, it seems. There are modem, fax and telecom packages onboard, however these would wish an exterior modem since there’s none within the PCMCIA slots. The Cirrus help modules are listed right here in addition to a diagnostics equipment, help for LIF (HP Logical Interchange Format) volumes, and Ghostscript. For some purpose the window is not resizeable.

Word that this does not record something “sideloaded,” after all. For instance:

# ls /choose
audio          graphics       nettladm       improve
dce            ifor           screencapture  video
dcelocal       picture          sharedprint

Amongst different issues, this technique additionally has a picture viewer, audio help for Concord and show drivers, in addition to OS help for the Distributed Computing Atmosphere, the distant process name mechanism HP inherited from Apollo when it purchased them out and have become a part of the collective vendor efforts behind OSF/1. Sarcastically, DCE primarily survives in the present day within the type of Microsoft Distributed COM (through MSRPC).

The /choose/video listing is especially fascinating as it is a remnant piece of HP MPower, meant as a collabourative atmosphere for VUE that supported scanning and faxing pictures and paperwork, shared X shoppers and whiteboarding, and dealing with video, audio and pictures. It does not appear to be configured on this technique, although, and the one items of MPower current are the audio editor (which does not work), the display seize software and the picture viewer. HP decommissioned it with HP-UX 11i and it was solely supported on sure workstations and HP X terminals, however the strings in /choose/video/lbin/vlServer nonetheless have my favorite system message ever: “No Drawback, Dudes and Dudettes”

Now for networking, so we will remotely log in (like we already are to take the screenshots, he says below his breath) and in addition repair the clock over NTP from Floodgap’s native stratum-1 server.

After setting an area IP deal with, we have to configure the Identify Service Change. Discover that HP-UX by default actually needs to be below YP/NIS (odd that that is nonetheless the case on an ostensibly “standalone” system), so we’ll simply put every little thing below native management and lower NIS out completely.

This can be a nice instance of how properly thought out SAM will be. Specifying search order and behavior is only a matter of a number of choose containers.

Now for NTP.

If at any time you are unsure what is going on on, you possibly can ask SAM to “clarify” it to you (right here we have requested it to “Clarify NTP”). Moderately than pause right here to reboot or in any other case forcibly replace the clock, although, let’s exit SAM and proceed with our transient tour of VUE.

The default structure for VUE opens a assist window “Welcome to Your HP Workstation!” which incorporates hypertext documentation. Assist recordsdata are instantly accessed from instruments in a assist subpanel which rises out of the entrance panel (together with a particular man web page viewer), in the identical method because the later CDE entrance panel does. Right here I give CDE factors since you simply click on the identical arrow to open or retract the varied subpanels; VUE requires you to press the “down” arrow on the subpanel itself to retract it. Subpanels are home windows and will be moved across the display. They regain their default location if you retract them, even when you moved them. You may configure their underlying description recordsdata in /and so forth/vue/config/panels.

Whereas the assistance facility is not not like what we saw in Sun’s OpenWindows functionally (which was PostScript-powered), clearly it most resembles CDE’s assist system visually. The VUE 3.0 Assist Viewer was certainly accepted “nearly as is” (in HP’s phrases) as a part of CDE.

Nevertheless, what it views modified radically. CDE help documents begin as SGML recordsdata utilizing a DTD known as HelpTag, and are then “compiled” into one other SGML-based distribution format known as Semantic Supply Language (SDL, confusingly to trendy audiences), the chief distinction being that Semantic Supply Language is optimized for extra environment friendly show. An SDL “runtime assist file” breaks up sections and chapters from HelpTag supply into blocks and varieties, merging them with numerous model sheets (“tables of semantics and kinds,” or TOSS) into a set of self-contained digital pages with no exterior dependencies aside from pictures. Functions distribute a single .sdl file, plus any graphics. A listing of identifiers (LOIDS) within the runtime assist file serves because the index.

So VUE was simply an earlier model of that scheme, proper? Properly, no. Let us take a look at this exact same assist “doc” itself as displayed by the Assist Viewer in /usr/vue/bin/helpview. In reality, it is a number of recordsdata:

# cd /usr/vue/assist/C/Vueintro
# ls -l
complete 232
-r--r--r--   1 bin      bin         5967 Nov 18  1995 Vueintro.hv
-r--r--r--   1 bin      bin         2822 Nov 18  1995 Vueintro.hvk
-r--r--r--   1 bin      bin        45206 Nov 18  1995
dr-xr-xr-x   2 bin      bin         1024 Feb 24  1997 graphics
-r--r--r--   1 bin      bin         6644 Nov 18  1995 rVueintro.hv
-r--r--r--   1 bin      bin         2822 Nov 18  1995 rVueintro.hvk
-r--r--r--   1 bin      bin        51552 Nov 18  1995
# ls graphics  hplogo.xwd  minifm.xwd   minifp.xwd    miniicons.xwd         miniterm.xwd    welcome.xwd     wspic.tif

Vueintro is offered to non-superusers; a particular administrator-specific rVueintro is offered to root, which is what we see right here. The .hv “Assist Viewer” recordsdata outline the subject record, matter hierarchy (what identifier is a subject’s mother or father, or nothing for the top-level), after which a listing matching matters to the .ht file containing them and the byte offset inside it. A keyword-topic index resides within the .hvk file. As for the graphics, they’re all XPM (.pm), XWD (such because the “Welcome to Your HP Workstation!” textual content, which is definitely a picture), or TIFF (the great artsy graphic, which is pre-dithered).

That is all easy sufficient, however the .ht file itself is usually opaque binary aside from the inexplicable textual content <TOPIC charset iso8859-1></TOPIC>. binwalk could not make head nor tail out of it. That solitary tag suggests some kind of SGML-based format, however no one is aware of, apparently not even Hewlett-Packard themselves: HP within the 8/96 Hewlett-Packard Journal admitted that the “distribution format [for VUE 3.0] was recognized solely inside HP after which solely by some members of 1 division. The specification of this distribution format was by no means revealed or meant for publication.” In addition they thought-about the necessity for a number of recordsdata to be a legal responsibility (NARRATOR: It was.), “leading to issues similar to shedding a number of of the recordsdata throughout set up.” Oops.

The 2 different default subpanels are for printers and toolboxes. Bear in mind when HP made printers that had been good? HP VUE remembers. There are three printer targets (“Default” plus a Laserjet III and Deskjet) pre-installed. The objects within the toolboxes subpanel open Program Supervisor-like home windows to pick out put in functions.

The Private toolbox attracts from instruments within the person’s house listing (the default set right here is offered from /usr/newconfig if none exist); Basic consists of the functions pre-installed on the machine. Community allows you to run VUE actions on distant machines you’ve got entry to through DCE RPC, however naturally no such machines are current, and Market was invariably empty since no upstream merchandise can be found.

The model supervisor (visible preferences) software, alternatively, got here to CDE nearly completely intact. Anybody who’s used CDE will probably be arduous pressed to inform the distinction.

The file supervisor and the (sub?)toolboxes within the Basic toolbox. Once more, the affect on CDE is patently apparent.

Fairly presumably probably the most fascinating software (which ought to nonetheless work in CDE, however HP stopped together with it with HP-UX 11) is xhpcalc, a triple-mode simulation of the HP-11C, HP-12C and HP-16C calculators. There are after all many HP calculator simulators, together with ones from HP themselves, however that is the true authentic and formally licensed by Hewlett-Packard. Alas, there is no such thing as a supply code, however I’ve an actual Voyager HP-15C anyway.

HP additionally included a easy date ebook, and there have been numerous “unsupported” functions together with this Columns sport. I seem to have been the primary one to really play it on this pc as a result of the excessive rating record was completely clean.

Logging out, nearly precisely the identical alert CDE would offer you on exit.

Earlier than we go away for the SCIF to strive TAC-4, although, let’s take a short take a look at HP VUE Lite.

HP VUE Lite’s most evident distinction is a modified entrance panel. There are solely 4 default workspaces and the system load, printers, file supervisor and trash can are all absent.

As well as, the one instruments you’ve got are those in your Private software field and the terminal window shortcut has moved to a subpanel of its personal with a quite giant vary of terminal session choices, even when their variations is likely to be virtually refined. You might after all run any apps you wished from a shell immediate; they’re simply not a part of the interface.

On the entire, although, on even this modest 80MHz 32MB system I may detect no perceivable distinction aside from marginally quicker startup. Close to as I can decide VUE Lite wasn’t even thought-about to be a part of CDE and thus disappeared when VUE did.


That is sufficient background for us to maneuver to the TAC-4 arduous disk. Earlier than we proceed, let’s get a pair issues straight, particularly since proper now nobody within the federal authorities can apparently deal with labeled data correctly: nothing I will present right here has any recognized classification degree, not even Managed Unclassified Info, Delicate However Unclassified or For Official Use Solely, none of that are technically labeled anyway. I personally carry a federal safety clearance as a result of $DAYJOB and I do not care to jeopardize it.

See Also

That stated, I used to be additionally not capable of finding something on the arduous disk that seems to be labeled in any case. More than likely such supplies resided on a central server, which we’ll present how we all know this machine to have accessed. I’ll deliberately not present IP addresses or sure unrelated FQDNs in case parts are nonetheless operational, however we will derive what the machine was used for, and because the function it served is already recognized overtly I see no situation with speaking about it right here.

Just like the “civilian” set up we’ll boot single person to get into the filesystem, however the A.00.38 October 26, 1994 model of ISL on this tough disk will use the default path to the kernel if one is just not specified.

In single person I blanked the basis password and took a go searching. Its clock stopped at Might 19, 1998, 4:08pm Jap Daylight Time (final verifiable login was April 29, 1998, at 6:24am). There have been no different customers with a password aside from root. The root person had no shell historical past, and solely a default .profile and VUE configuration, however had run Netscape. We’ll come again to this.

uname was precisely the identical because the civilian set up apart from the hostname (which was taped to the entrance; I’ve eliminated it):

# uname -a
HP-UX osfhp03 B.10.10 A 9000/712 2008790574 two-user license

This machine was named osfhp03. The derivation of the HP half is apparent (I suppose there have been a minimum of three on this location), however unsure what OSF meant (Operational Help Facility?) besides that it in all probability did not imply OSF/1.

There was nothing in /house and nothing in /usr that regarded like an orphaned house listing, however there was an odd listing /h:

# ls -a /h
.           AcctGrps    CompT       GZIP        SAMBA       h.tar
..          COE         DAZ         JETADM      USERS       public
APACHE      COTS        EM          PrtDrivers  information

The h.tar regarded prefer it was sideloaded right here from another system and suggests it enabled server capabilities (given Apache, Jet Admin and Samba), although we do not know if this machine truly ran these, after all.

The COE listing can be noteworthy. This seems to be compliant with The Open Group’s Common Operating Environment and at the moment minimally required Perl and Netscape Navigator (on this technique 5.003 and 4.04 respectively) together with a webserver (Apache). There’s additionally a JVM set up and Tcl together with different elements. COTS even had a PA-RISC model of Adobe Acrobat Reader 3. The USERS listing contained numerous profiles together with for the net server and for nameless FTP. The newest file was date-stamped April 20, 1998.

I will inform this story within the “proper” order with out dishonest now that you’ve got seen the fundamental interface. After I restarted and tried to enter VUE the machine put up the copyright message, however after an interminable wait stalled out with this deadly error:

My guess is it was ready for community assets which by no means arrived. We’ll want to chop the ties that sure it, and for that we’ll convey up SAM in textual content mode this time.

Textual content SAM has the identical menu choices as VUE SAM and works “the identical” — you simply get round with keystrokes as an alternative. HP console terminal emulation is absolutely nice, truly, and significantly better than the console on my AIX {hardware}.

Untangling the Identify Service Change.

Its DNS settings, although, are value speaking about. I’ve obliterated the nameserver IP however I would like you to see the default area,

Do not trouble making an attempt to resolve that from your own home desktop as a result of you possibly can’t. Broadly talking, in a United States Division of Protection facility that handles delicate or labeled data, totally different classification ranges reside on totally different, separated networks as a part of the overarching Protection Info System Community (DISN). Prime Secret materials and/or Delicate Compartmented Info makes use of the DoD’s Joint Worldwide Intelligence Communications System, or JWICS, and nearly any DoD SCIF will probably be linked to it. Then again, unclassified data travels on the Non-classified Web Protocol Router Community (NIPRNet), which changed MILNET (separated from ARPANET in 1983) within the early Nineteen Nineties, although something on any of the opposite networks may also be unclassified.

For the Secret or Confidential data within the center, that goes over both JWICS or the Safe Web Protocol Router Community, or SIPRNet. SIPRNet is kind of a pocket parallel Web universe with its personal companies like SIPRNet-specific web sites and E-mail. Unclassified data may also be on SIPRNet, together with on SIPRNet-only websites. The giveaway that this technique was linked to SIPRNet is the half: that second-level area is exclusive to SIPRNet. For the U.S. Division of State, which additionally makes use of SIPRNet, there is a corresponding

What in regards to the adnet. half? Properly, that alone tells us usually the place this machine was used. ADNET, the Anti-Drug Community Program, got here out of the Protection Authorization Act for Fiscal Yr 1989 and the Protection Appropriations Act of 1990 directing the Secretary of Protection to create a communications community for U.S. belongings concerned in drug interdiction and counternarcotics, whether or not devoted or partial, civilian or army. It offers real-time safe communications (together with radio and satellite tv for pc, not simply over SIPRNet), information sharing and evaluation capabilities. As early as 1991, 88 DoD and regulation enforcement techniques at 59 websites had been already linked all through the Western Hemisphere and Europe in line with a December 1991 U.S. Basic Accounting Workplace transient.

In 1991 ADNET’s workstation view regarded like this. Varied, presumably purely illustrative, radar monitoring snapshots and an unclassified opnote are displayed. The GAO report acknowledged “[t]he system makes use of software program modified from an present Navy battle-management and command-and-control system.” If this was certainly a U.S. Navy pc, then at the moment it could have descended a minimum of partly from TAC-3, the earlier HP Apollo deployment. ADNET is an obscure initiative and small by American army funds requirements, however its existence and function are hardly labeled; the U.S. Basic Providers Administration has even completed press releases about it.

To have that default area in its DNS settings means this technique should have been on the within. Not like the extra careless person of our civilian unit, nonetheless, there aren’t any residual system E-mail containers right here to get the historical past and the identical GAO transient additionally paperwork 27 attainable areas in that timezone in a number of settings — I would add none of them matching the acronym OSF — so we will not get rather more particular than the japanese United States. In /h/COTS/ADNET there are jobs to execute in cron and numerous consumer binaries, however they’re simply issues like an audio and animation participant, FTP consumer and log rotator, and there isn’t any understanding if this machine ever even ran them. By 2015, from the latest Protection Info Programs Company funds I may cursorily find, there have been 45 core websites in ADNET however over a thousand linked gadgets.

I discussed that the root person had run Netscape in some unspecified time in the future and whereas they solely had default settings and bookmarks and an empty mailbox, they did not clear their browser cache. There was precisely one website within the cache known as adnetdns, an unclassified useful resource, downloaded over SIPRNet. Right here is the way it appeared on April 27, 1998, at 9:26AM Jap, authentically rendered in Netscape Navigator 4:

All URLs had been within the second-level area. I’ve suppressed the E-mail deal with and the telephone quantity as a result of a few of you might be naughty and this is the reason we will not have good issues, however the web page above seems to have been the inner DNS website on the time. (I did not suppress the date; appears like somebody forgot a preprocessing step earlier than importing the doc.) This precise HTML doc (with an .html.sed extension) and GIF picture are additionally on disk below /h, however this machine was not adnetdns: assuming the DNS server this machine used was adnetdns, which the remark subsequent to the entry in SAM apparently claims, their former IPs do not match.

Correspondingly, given its branding and an identical working system model, my greatest guess for what our civilian machine was doing was in all probability help for the (by then) legacy TAC-4 techniques nonetheless in operation like this one. As such it was nearly definitely utilized by SAIC themselves, in all probability out of or supervised by their Reston, Virginia workplace.

TAC-4 had its personal branding for the VUE login display, too.

Login choices are the identical.

As a result of the login controls are decrease on the display, although, the copyright message instantly spills over the underside and takes the OK button with it. Simply press RETURN/ENTER to make it go away.

Similar assist display, identical disfunctional proofreeder. We’ll write up a proposal for the Navy too.

Okay, that is sufficient messing round; time to log in as root.

The TAC-4 copyright display is nearly precisely the identical because the civilian construct however provides, “Use and distribution of this software program is restricted to the TAC4 procurement.”

The final root VUE session got here up like this, with a subpanel nonetheless open and a filer window pointing to the now-disconnected port1:/. There was after all nothing in it however this consumer seems to have relied on it. There isn’t any method of understanding precisely what was there. We’ll see this server once more somewhat later.

By the best way, dig the customized background. I’ve transformed all the XBM picture to PNG so you can also make your personal desktop wallpaper appear to be you are utilizing an previous Navy pc too. You are welcome; I am right here to serve.

For all that branding, although, there wasn’t any apparent customization completed to the entrance panel itself. The default subpanel contents are unmodified and the Welcome assist file continues to be the identical.

Itemizing put in software program in SAM is equally uninformative, although not like the civilian machine somebody truly saved considerably present with updates. And, properly, provided that /h is principally an enormous wad of sideload, we should not be shocked. There have been some fascinating TAC associated issues within the filesystem:

# ls /var/adm/sw/merchandise
0200AC-core-pat   InstantIgnite     SOE               TAC4-powerchute
0200AC-supplmnt   Worldwide     SUPPORT-TOOLS     TAC4-xmcd
Accounting        InternetSrvcs     SW-DIST           TerminalMngr
AudioSubsystem    JournalFS         ScreenCapture     TextEditors
B3782DA           Keyshell          SecurityMon       TextFormatters
Curses-Shade      LSSERV            SharedPrint       UUCP
DCE-Core          LVM               SourceControl     Improve
DCE-CoreTools     MSDOS-Utils       Spelling          VME-Providers
DFS-Core          MailUtilities     Streams           VUE
DigitalVideo      NCSNCK            Streams-TIO       X11
DirectAccess      NFS               SystemAdmin       X11BMS
DiskQuota         Networking        SystemComm        eeprom-driver
Diskless          NonHP-Terminfo    TAC4-15-inch      fax-application
EMACS             OS-Core           TAC4-PDU          ifiles
GraphicsCommon    PHCO_6641         TAC4-XPAX         pcmcia-driver
GraphicsPEX5RT    PHKL_7615         TAC4-copyright    pcomm
HPUXEngRT700      PowerShade        TAC4-ghostscript  swlock
INDEX             PrinterMgmt       TAC4-lmgrd        xmodem
ImagingSubsystem  ProgSupport       TAC4-logo         zmodem

The TAC4-* packages are nearly all normal utilities and it is noteworthy they had been explicitly TAC-branded. I actually do not know why a CD participant (xmcd) or Ghostscript or license supervisor (lmgrd) must be tagged TAC-4, and even be a part of it for that matter, however we’ll assume they had been outlined parts of the overlay. Most of them deposited issues in /choose:

# ls -a /choose
.              dce            ifor           sharedprint    xpax
..             dcelocal       picture          improve
TAC4           emacs          nettladm       video
audio          graphics       screencapture  xmcd
# ls -ldt /choose/TAC4     
drwxr-x--x   2 root     sys         1024 Sep 19  1996 /choose/TAC4
# ls -alR /choose/TAC4     
complete 8
drwxr-x--x   2 root     sys         1024 Sep 19  1996 .
dr-xr-xr-x  17 bin      bin         1024 Sep 19  1996 ..
-rw-r-----   1 root     sys         1185 Jul 19  1996 tac4-copyright

And sure, all it’s is the copyright file, precisely the identical textual content as VUE shows on login.

These packages appear to have come from the mysterious server port1. We all know this as a result of /.sw/classes/ has an entry for its tape drive (swinstall.source_tape = port1:/dev/rmt/c0t3d0BEST). Very seemingly that machine served a number of shoppers, this unit being solely considered one of many.

I could not discover something on the machine that regarded prefer it may have generated the GAO transient’s screenshot, although. This machine won’t have run it or it may need been out of date by then.

Logging out.

VUE Lite wasn’t personalized in any respect for TAC-4, it seems. It solely had the default session and did not even get the cool embossed wallpaper therapy.

I discussed the fail-safe session in VUE, so right here it’s for completeness. It is actually simply Motif Window Supervisor and a terminal window, however hey, you are able to do every little thing from mwm and a terminal window. This could have been useful for a small-disk workstation with few native assets, however this TAC-4 consumer was “fats,” and I think about this session sort was not often used even in emergencies.

Shutting down.

What have we discovered? We all know that in 1997 the Navy introduced the brand new IT-21 “Info Know-how for the twenty first Century” program to succeed TAC-4, meant to switch the older TAC-3 and DTC-series techniques that had been nonetheless in service. By then the desktop PC had received out as commodity {hardware} and the RISC warhorses had been despatched to pasture. This TAC-4 system appears to have been end-of-lifed in 1998 in line with that timeline; mix this with the chip dates and it appears it was in service for under round two years. It might make sense that the SAIC help techniques remained in place till the final TAC-4s had been gone, which primarily based on the civilian system’s clock appears like round 2001, and in order that was the lifetime of the initiative.

Second, we have additionally discovered that no matter software program magic there was to TAC-4, it both wasn’t native or did not exist. The observable software program packages are nearly all off the shelf. It might appear unusual to selectively take away labeled packages with out taking the standard “nuke it from orbit” method, so I believe we’re on strong floor concluding what we noticed is what they received. I like these computer systems quite loads and I’ve little doubt the Galaxys acquitted themselves properly of their distinctive environments, however TAC-4 appears to have been nearly all about promoting {hardware}, which the American military-industrial advanced is all about too, and the desktop expertise was due to this fact tarted up solely as a lot because it wanted to be to look “particular.” (And third, a few of you bought to study a DoD program you’d by no means heard of earlier than.)

However there are some bigger classes as properly. First off, assuming there actually was any effort made to clean the arduous disk, objects had been nonetheless missed that would inform us loads from somewhat, and it is lucky for the Division of Protection this ended up with somebody who is aware of learn how to deal with labeled materials (not like some Presidential administrations I may point out). However they get some opsec credit score for apparently conserving nothing truly labeled on the system itself, though it may need been higher simply to shred the disk and surplus the remaining — although in the event that they did that I would not have been in a position to write most of this text.

That is in all probability a few of the final software program environments we’ll have the ability to protect from settings like these, by the best way. The Feds transfer sluggish, however safety devices get budgets, and 20 years from now all we’ll see are SSDs encrypted at relaxation if we get any {hardware} in any respect. Excessive-security retrocomputing will thus change into an entertaining train find again doorways — or simply plain brute power.

Source Link

What's Your Reaction?
In Love
Not Sure
View Comments (0)

Leave a Reply

Your email address will not be published.

2022 Blinking Robots.
WordPress by Doejo

Scroll To Top