• IBM i PTF Guide, Volume 24, Number 14

  April 6, 2022 Doug Bidwell

  Get your PTF patching fingers ready to roll across the keyboard because there are some new security vulnerabilities in the IBM i platform. First up, Security Bulletin: IBM Db2 Web Query for i is vulnerable to denial of service in Apache Commons Compress (CVE-2021-36090), arbitrary code execution in Apache Log4j (CVE-2021-44832), and cross-site scripting in TIBCO WebFOCUS (CVE-2021-35493), which you can learn about here.

  Release 2.2.0 can be fixed by upgrading to release 2.2.1 or 2.3.0, depending on your IBM i release level:

  • IBM i 7.4: Upgrade to Db2 Web Query for i 2.3.0
  • IBM i 7.3: Upgrade to

  …

  Read more

• IBM i Salaries: Underpaid, Yet Highly Valued And Hard To Replace

  March 7, 2022 Timothy Prickett Morgan

  It is a funny old world. In many cases, the applications that are running on the IBM i platforms of the world are trapped in a kind of time warp and so are the people who created and who maintain them. This is the only plausible explanation for the fact that salaries in the IBM i real world also seem to be in a time warp. And here we are riding up a huge wave of inflation, in something of a war footing thanks to COVID and the war in Ukraine, and it is not yet clear to any of …

  Read more

• Marketplace Study Shows How IBM i Language Use Evolves

  February 9, 2022 Alex Woodie

  It’s no secret that RPG dominates development on the IBM i platform. SQL and Control Language (CL) are also heavily used in the day-to-day operations of tens of thousands of IBM i shops. But what about other established languages, like Java and C++? What about newer open source languages, like PHP and Node.js? The recent HelpSystems Marketplace Study provides us a clue into language use.

  HelpSystems published its first IBM i Marketplace Study back in January 2016, reflecting data collected in late 2015 from 834 IBM i professionals around the world. One of the questions it has consistently asked is …

  Read more

• SrinSoft CEO Ram Hari’s Long Road on IBM i

  February 9, 2022 Alex Woodie

  Ram Hari has had the sort of IT career that many dream of. Hired in the late 1990s as a Y2K programmer, the India native climbed the corporate IT ranks, and today runs his own 500-person consulting company called SrinSoft. The New York City-based company offers a range of IT services, but with interest in IBM i modernization and migrations spiking during COVID, Hari is finding it hard to satisfy demand.

  Hari’s career started in 1995, soon after earning an undergraduate degree in computer science and electric engineering from a university in India. After getting his RPG certification, he was …

  Read more

• EvolveWare Sees Growing Demand for Application Rehoming

  January 24, 2022 Alex Woodie

  The COVID-19 pandemic has acted like an accelerant for IT modernization, as companies seek a better technical base upon which to launch new digital initiatives, often from the cloud. At EvolveWare, which specializes in migrating applications, 2021 brought a flood of business migrating applications off legacy systems, including big iron systems from IBM, and 2022 looks to be just as busy.

  Miten Marfatia founded EvolveWare back in 2001 to address what he predicted would be a surge in application modernization in the new millennium. Marfatia had put quite a bit of thought into the company’s business model, and figured there …

  Read more

• Some Good Advice About Log4j Mitigation Gotchas

  January 24, 2022 Timothy Prickett Morgan

  The Apache Log4j logging utility written in Java and available since the end of the Dot Com Boom in early 2001, has been installed far and wide into many systems and systems software packages in the more than two decades it has been available. And that is why the zero-day security vulnerability discovered by Chinese computing giant Alibaba on November 24 last year and revealed on December 9 has caused so much concern.

  Log4j is everywhere and that means the Log4Shell vulnerability that Alibaba described makes it particularly scary. But before we get into some of the mitigation advice that …

  Read more

• Log4j Hits Heritage Version of Navigator for i – No Patch Coming

  January 12, 2022 Alex Woodie

  IBM i shops running the old version of the Navigator for i client should be aware that the software is vulnerable to the Log4j security vulnerability, and there will be no patch to fix it, IBM says in a new security bulletin. There will, however, be fixes coming to other vulnerable components, including IWS, IAS, and IBM i Access Client Solutions (ACS), IBM says.

  Just before we hit the holiday break, the extremely severe Apache Log4j security vulnerability was disclosed to the world, resulting in a frantic effort to patch servers, desktops, refrigerators – just about anything with a …

  Read more

• IBM i Community Predictions for 2022, Part 2

  January 12, 2022 Alex Woodie

  The new year is upon us, which means it’s time for predictions. We continue where we left off on Monday with our second installment of predictions from the IBM i community.

  The way Fresche Solutions Chief Product Officer Marcel Sarrasin sees it, 2022 will be a period of heightened competition in the business jungle.

  “Technology advancements and changing markets will drive new competitive threats in 2022, creating the urgent need for new digital solutions to help companies thrive, survive and grow,” Sarrasin says. “Focus will be on new IT products and applications that will deliver improved business processes, pave the …

  Read more

• The Pivotal Year Ahead For Big Blue And IBM i Shops

  January 10, 2022 Timothy Prickett Morgan

  When we look back on it many years from now, this year, 2022, will be a pivotal year in the history of the Power Systems platform from Big Blue, which was commercially significant starting in February 1990 when the RS/6000 was launched but which obviously traces its roots through the IBM i and OS/400 branches of the Power Systems family tree all the way back to the System/3 launched in July 1969 just 10 days after humans first landed on the moon.

  There are different kinds of pivot points in the history of the IBM midrange platforms, including the launch …

  Read more

• Critical Log4j Vulnerability Hits Everything, Including the IBM i Server

  December 15, 2021 Alex Woodie

  Hackers gave themselves an early Christmas present this year with a critical security flaw in Log4j, a popular logging framework that is used across many programs, including some that run on IBM i. IBM i shops are encouraged to take this flaw very seriously, as the vulnerability already is being actively exploited in the wild. However, finding where Log4j exists in your stack is not always simple, which makes this particular flaw particularly nasty.

  The Log4j zero-day vulnerability, which was disclosed last week by security researchers with CERT New Zealand, was logged into the National Vulnerability Database as CVE-2021-44228 …

  Read more

Previous Articles Next Articles