History question
David P. Schwartz
plug-discuss@lists.plug.phoenix.az.us
Fri, 08 Mar 2002 05:03:22 -0700
--------------38A293E47376BC2B69F2A20A
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Multics was a humongous (for that time) project funded in large part by the
government (DARPA, I believe) and developed by GE/Honeywell largely here in
Phoenix (at the Thunderbird and I-17 facility). It was the first time that
anybody had attempted to implement security mechanisms directly within the
hardware itself. It started around 1967-68, and kept many thousands of
techies well employed here for over a decade. (I used to work with a bunch of
guys who worked on Multics forever.)
They said that there was an ongoing debate about whether all the expense of
implementing the security stuff in hardware was really necessary. It was a
huge undertaking. Reportedly, some guys at Bell Labs got together and decided
to see if they could implement a software-only design that was as secure as
the Multics model. Hence, "Unix" became a loose acronym for "Unix is not
Multics".
Part of the problem with having security stuff in hardware was that nothing
was symmetric -- you had to go through the hardware "gates" to get access to
various system functions that only worked in one direction. So one of the
guiding principles of the overall Unix design was to make things as symmetric
as possible. Hence, the evolution of pipes on the command line and the
ability to send a file in one end of a pipe and have it come out the other
end, and feed the output back into the same things only reversed and get the
original data back.
Multics had something like 8 security "rings" that were supported by hardware,
modeled roughly after the typical kind of security methods used to protect
physical stuff. Unix implemented three levels of security based on roles:
"user", "group" and "world". It took a while before the military decided that
role-based security was a more effective approach.
Multics was designed for a machine with something like 128k words of memory.
Unix was designed on and for a PDP-8 (with 8k words of memory) and later a
PDP-11 with 32k words of memory. This was due in large part to the fact that
their newly designed programming language, called 'c', evolved on that
hardware, and that's what they had available to them.
(I remember when ASU's Engineering Computing Center got a bank of brand new
PDP-11Ms and they installed Unix on a couple of them. The others were running
RSTS-E, a fairly traditional "time sharing" terminal server. The Unix
machines kicked-butt over the other machines! I think that was back in late
1978 or early 79. I graduated in May of 79, and heard that within a couple of
years, they were all running Unix. RSTS was out.)
Another "feature" of Multics was that it was the target of another HUGE
undertaking of the Govt, in that it's primary language was a variant of PL/1
called PL/Multics, if I recall correctly. Again, the choice by Unix
developers to use a language that was regarded at the time as barely a step
above assembly code was notable.
Everything about Unix was pretty much deliberately chosen to be "not Multics".
AT&T used to freely license Unix to educational institutions. Berkeley became
a hot-bed of independent research and development efforts, and they spawned a
significant amount of re-design of both the kernel and many of the
command-line utilities. Berkeley had some kind of an arrangement with AT&T to
sell versions of their software to commercial organizations; that was where
the old BSD code originated. When AT&T spun off Bell Labs, the bean counters
started going nuts. I was working at Motorola at that time with the team that
was porting Sys V to the 68020. They started getting legal beagles in the
loop on things that they never gave a second thought to before that.
Some sort of controversy arose between the Regents of the UC Schools, the
profs doing the work at UCB, and Bell Labs over licensing. It was resolved by
everybody agreeing that the "Unix" trademark was the exclusive property of
Bell Labs, that nothing from UCB could use that name unless it was qualified
as being the "Berkeley version", hence the use of "BSD" on everything. And
the sales revenues would all go to the UC School System, rather than the
developers at UCB. Bell Labs put a relatively high price on their software
licenses, so most people favored the BSD version. Big corporations licensed
from the Labs, but everybody else went with BSD because it was practically
free (the professors didn't see any point in charging if the monies were only
going into state coffers).
Moto was porting Sys V to the 68020 under contract by the Labs, so they didn't
run into the same problem as UCB did. But then, nobody ever really trusted
Motorola's Unix software for some reason, preferring to buy it from Bell Labs
directly.
(tangent: In the early 70s, Gary Kildall was teaching at the Naval
PostGraduate School in Monterey where he invented a small programming language
that he called PL/M -- a "Programming Language for Micros". He used it to
write CP/M [a Control Program for Microprocessors, also modelled loosely after
Unix] that was a popular OS for 8080-based computers. He tried selling both
to Intel around 1976, but Intel wasn't buying. Bill Gates tried to buy it
around 1978, but Gary was busy golfing. PL/M was eventually "appropriated" by
Intel, and they used it to create a knock-off of CP/M they called ISIS. PL/M
went on to become Intel's primary development language until 'c' compilers
became so pervasive in the late 80's that they couldn't rape and pillage ...
uhh, I mean ... sell their PL/M tools any more. Bill Gates left Gary to his
golfing and then went out and bought this thing called "DOS" from Seattle
Computer Works. Anybody remember the word that used to be in front of
"Digital Research" before Gary shortened it?)
Here's some trivia y'all probably don't know... Some Multics hardware
architects got hired by Intel around 1977, and the 286 was given a 4-ring
security model adopted from Multics. A couple of Multics software architects
were hired as well to develop what was supposed to be RMX-86, a fully secure
real-time multi-tasking executive that took advantage of the new security
features. Unfortunately, the chip designers went off in the weeds and
implemented some "features" that prevented any real software support, so
nobody ever released a decent OS that worked in "protected mode" on that
chip. (I worked on the RMX-86 team at Intel where we were trying to do it,
and we determined it couldn't be done!) So the world had to wait until the
386 showed up a few years later for their first taste of "real" security in a
microprocessor. It took Microsoft to release Windows NT and IBM's OS/2 before
anybody took much advantage of the security features built into all of Intel's
x86 family of chips since the 386.
I'd be curious to know when the first protected-mode version of Unix was ever
implemented on an x86-based machine. I can't recall if Minix ran in
protected-mode or not. People avoided the Intel architecture like the plague
until the mid-80's, ostensibly because they believed the architecture was
somehow "warped".
What most people don't realize is that when Intel designed their 286, they
deliberately chose an architecture modelled after the largest and most
successful computer company in the world at that time -- IBM. The 286 was
designed to be roughly 1/2 of an IBM 360 CPU. IBM was funding LOTS of R&D to
find out how to improve compiler technology, and Intel figured it would make
it easier to hire "experts" if their architecture closely reflected what these
guys were already studying! For a while in the early 80's, Intel had one of
the sharpest compiler teams in the industry.
Unix was originally developed on PDP machines. These computers had a "flat"
architecture where all peripherals were memory-mapped -- they appeared like
storage registers in the regular memory space -- unlike the "segmented"
architecture used by IBM that had a separate set of I/O ports for peripheral
interfaces. Motorola adopted the PDP model. Their 6800 and the Intel 8080
weren't all that different if you ignored how they dealt with peripheral
devices. But the 68000 and the 286 suddenly looked like they came from
different planets. It was probably that architectural resistance that kept
people from seriously porting Unix to the x86 world.
Today the world has inverted -- the newest stuff is almost always released
first on Intel platforms, and then later on others. (Anybody know where can I
get a copy of Red Hat 7.1 for SPARC-IIi's?)
-David Schwartz
> From: "Michael F. March"
> To:
> Subject: Re: History question
> Date: Thu, 7 Mar 2002 21:56:51 -0700
> Reply-To: plug-discuss@lists.plug.phoenix.az.us
>
> UNIX was developed on a lark. The two inventors where on the
> Multics team and when AT&T pulled out of the project they
> recreated a lite version internally in AT&T.
>
> > I've read that AT&T developed Unix under US Government grant (DARPA
> > Project) which is why they couldn't sell it.
> >
> > George
>
--------------38A293E47376BC2B69F2A20A
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
Multics was a humongous (for that time) project funded in large part by
the government (DARPA, I believe) and developed by GE/Honeywell largely
here in Phoenix (at the Thunderbird and I-17 facility). It was the
first time that anybody had attempted to implement security mechanisms
directly within the hardware itself. It started around 1967-68, and
kept many thousands of techies well employed here for over a decade.
(I used to work with a bunch of guys who worked on Multics forever.)
<p>They said that there was an ongoing debate about whether all the expense
of implementing the security stuff in hardware was really necessary.
It was a huge undertaking. Reportedly, some guys at Bell Labs got
together and decided to see if they could implement a software-only design
that was as secure as the Multics model. Hence, "Unix" became a loose
acronym for "Unix is not Multics".
<p>Part of the problem with having security stuff in hardware was that
nothing was symmetric -- you had to go through the hardware "gates" to
get access to various system functions that only worked in one direction.
So one of the guiding principles of the overall Unix design was to make
things as symmetric as possible. Hence, the evolution of pipes on
the command line and the ability to send a file in one end of a pipe and
have it come out the other end, and feed the output back into the same
things only reversed and get the original data back.
<p>Multics had something like 8 security "rings" that were supported by
hardware, modeled roughly after the typical kind of security methods used
to protect physical stuff. Unix implemented three levels of security
based on roles: "user", "group" and "world". It took a while before
the military decided that role-based security was a more effective approach.
<p>Multics was designed for a machine with something like 128k words of
memory. Unix was designed on and for a PDP-8 (with 8k words of memory)
and later a PDP-11 with 32k words of memory. This was due in large
part to the fact that their newly designed programming language, called
'c', evolved on that hardware, and that's what they had available to them.
<p>(I remember when ASU's Engineering Computing Center got a bank of brand
new PDP-11Ms and they installed Unix on a couple of them. The others
were running RSTS-E, a fairly traditional "time sharing" terminal server.
The Unix machines kicked-butt over the other machines! I think that
was back in late 1978 or early 79. I graduated in May of 79, and
heard that within a couple of years, they were all running Unix.
RSTS was out.)
<p>Another "feature" of Multics was that it was the target of another HUGE
undertaking of the Govt, in that it's primary language was a variant of
PL/1 called PL/Multics, if I recall correctly. Again, the choice
by Unix developers to use a language that was regarded at the time as barely
a step above assembly code was notable.
<p>Everything about Unix was pretty much deliberately chosen to be "not
Multics".
<p>AT&T used to freely license Unix to educational institutions.
Berkeley became a hot-bed of independent research and development efforts,
and they spawned a significant amount of re-design of both the kernel and
many of the command-line utilities. Berkeley had some kind of an
arrangement with AT&T to sell versions of their software to commercial
organizations; that was where the old BSD code originated. When AT&T
spun off Bell Labs, the bean counters started going nuts. I was working
at Motorola at that time with the team that was porting Sys V to the 68020.
They started getting legal beagles in the loop on things that they never
gave a second thought to before that.
<br><br>
Some sort of controversy arose between the Regents of the UC Schools, the
profs doing the work at UCB, and Bell Labs over licensing. It was
resolved by everybody agreeing that the "Unix" trademark was the exclusive
property of Bell Labs, that nothing from UCB could use that name unless
it was qualified as being the "Berkeley version", hence the use of "BSD"
on everything. And the sales revenues would all go to the UC School
System, rather than the developers at UCB. Bell Labs put a relatively
high price on their software licenses, so most people favored the BSD version.
Big corporations licensed from the Labs, but everybody else went with BSD
because it was practically free (the professors didn't see any point in
charging if the monies were only going into state coffers).
<p>Moto was porting Sys V to the 68020 under contract by the Labs, so they
didn't run into the same problem as UCB did. But then, nobody ever
really trusted Motorola's Unix software for some reason, preferring to
buy it from Bell Labs directly.
<p>(tangent: In the early 70s, Gary Kildall was teaching at the Naval PostGraduate
School in Monterey where he invented a small programming language that
he called PL/M -- a "Programming Language for Micros". He used it
to write CP/M [a Control Program for Microprocessors, also modelled loosely
after Unix] that was a popular OS for 8080-based computers. He tried
selling both to Intel around 1976, but Intel wasn't buying. Bill
Gates tried to buy it around 1978, but Gary was busy golfing. PL/M
was eventually "appropriated" by Intel, and they used it to create a knock-off
of CP/M they called ISIS. PL/M went on to become Intel's primary
development language until 'c' compilers became so pervasive in the late
80's that they couldn't rape and pillage ... uhh, I mean ... sell their
PL/M tools any more. Bill Gates left Gary to his golfing and then
went out and bought this thing called "DOS" from Seattle Computer Works.
Anybody remember the word that used to be in front of "Digital Research"
before Gary shortened it?)
<br><br>
Here's some trivia y'all probably don't know... Some Multics hardware architects
got hired by Intel around 1977, and the 286 was given a 4-ring security
model adopted from Multics. A couple of Multics software architects
were hired as well to develop what was supposed to be RMX-86, a fully secure
real-time multi-tasking executive that took advantage of the new security
features. Unfortunately, the chip designers went off in the weeds
and implemented some "features" that prevented any real software support,
so nobody ever released a decent OS that worked in "protected mode" on
that chip. (I worked on the RMX-86 team at Intel where we were trying
to do it, and we determined it couldn't be done!) So the world had
to wait until the 386 showed up a few years later for their first taste
of "real" security in a microprocessor. It took Microsoft to release
Windows NT and IBM's OS/2 before anybody took much advantage of the security
features built into all of Intel's x86 family of chips since the 386.
<p>I'd be curious to know when the first protected-mode version of Unix
was ever implemented on an x86-based machine. I can't recall if Minix
ran in protected-mode or not. People avoided the Intel architecture
like the plague until the mid-80's, ostensibly because they believed the
architecture was somehow "warped".
<p>What most people don't realize is that when Intel designed their 286,
they deliberately chose an architecture modelled after the largest and
most successful computer company in the world at that time -- IBM.
The 286 was designed to be roughly 1/2 of an IBM 360 CPU. IBM was
funding LOTS of R&D to find out how to improve compiler technology,
and Intel figured it would make it easier to hire "experts" if their architecture
closely reflected what these guys were already studying! For a while
in the early 80's, Intel had one of the sharpest compiler teams in the
industry.
<p>Unix was originally developed on PDP machines. These computers
had a "flat" architecture where all peripherals were memory-mapped -- they
appeared like storage registers in the regular memory space -- unlike the
"segmented" architecture used by IBM that had a separate set of I/O ports
for peripheral interfaces. Motorola adopted the PDP model.
Their 6800 and the Intel 8080 weren't all that different if you ignored
how they dealt with peripheral devices. But the 68000 and the 286
suddenly looked like they came from different planets. It was probably
that architectural resistance that kept people from seriously porting Unix
to the x86 world.
<br><br>
Today the world has inverted -- the newest stuff is almost always released
first on Intel platforms, and then later on others. (Anybody know
where can I get a copy of Red Hat 7.1 for SPARC-IIi's?)
<p>-David Schwartz
<blockquote TYPE=CITE>
<pre>From: "Michael F. March" <march@indirect.com>
To: <plug-discuss@lists.plug.phoenix.az.us>
Subject: Re: History question
Date: Thu, 7 Mar 2002 21:56:51 -0700
Reply-To: plug-discuss@lists.plug.phoenix.az.us
UNIX was developed on a lark. The two inventors where on the
Multics team and when AT&T pulled out of the project they
recreated a lite version internally in AT&T.
> I've read that AT&T developed Unix under US Government grant (DARPA
> Project) which is why they couldn't sell it.
>
> George</pre>
</blockquote>
</html>
--------------38A293E47376BC2B69F2A20A--