A scary story from the real world.

A scary story from the real world.

[Per Sandberg]

I was on a conference this week and that opened my eyes on the complete 
ignorance of good compilers and languages in some the Reliable SW 
communities.
   http://www.issre2007.hv.se/extra/pod/
There was lots of talks about on how to detect values out of bounds and 
other problems that reasonable languages with type-system would find 
probably at compile time.

One Microsoft person said "we had lots of crashes in the system and the 
cause of that was that the driver vendors did not look on the return 
code from functions"
Then the blamed the poor programmer for not reading the secret "users 
manual".
/Per

Re: A scary story from the real world.

[Jerry]

On Nov 9, 10:33 am, Per Sandberg <per.sandb...@bredband.net> wrote:
> I was on a conference this week and that opened my eyes on the complete
> ignorance of good compilers and languages in some the Reliable SW
> communities.
>    http://www.issre2007.hv.se/extra/pod/
> There was lots of talks about on how to detect values out of bounds and
> other problems that reasonable languages with type-system would find
> probably at compile time.
>
> One Microsoft person said "we had lots of crashes in the system and the
> cause of that was that the driver vendors did not look on the return
> code from functions"
> Then the blamed the poor programmer for not reading the secret "users
> manual".
> /Per

Was Ada even mentioned?
Jerry

Re: A scary story from the real world.

[Per Sandberg]

Jerry wrote:
> On Nov 9, 10:33 am, Per Sandberg <per.sandb...@bredband.net> wrote:
>> I was on a conference this week and that opened my eyes on the complete
>> ignorance of good compilers and languages in some the Reliable SW
>> communities.
>>    http://www.issre2007.hv.se/extra/pod/
>> There was lots of talks about on how to detect values out of bounds and
>> other problems that reasonable languages with type-system would find
>> probably at compile time.
>>
>> One Microsoft person said "we had lots of crashes in the system and the
>> cause of that was that the driver vendors did not look on the return
>> code from functions"
>> Then the blamed the poor programmer for not reading the secret "users
>> manual".
>> /Per
> 
> Was Ada even mentioned?
> Jerry
> 
> 

No !
And that was what i found scary.
 From my perspective the whole conference was about how to we make the 
best out after we have crashed instead of how do we avoid to crash.

I mentioned Ada in connection to the Microsoft talk and the comment from 
the Microsoft person was something along the lines
  Ada is never going to make it and I and don't believe in it.
I wont quite since i don't remember the exact worthing.

/Per

Re: A scary story from the real world.

[Larry Kilgallen]

In article <K34Zi.15908$CT3.3476@newsfet01.ams>, Per Sandberg <per.sandberg@bredband.net> writes:
> Jerry wrote:
>> On Nov 9, 10:33 am, Per Sandberg <per.sandb...@bredband.net> wrote:
>>> I was on a conference this week and that opened my eyes on the complete
>>> ignorance of good compilers and languages in some the Reliable SW
>>> communities.
>>>    http://www.issre2007.hv.se/extra/pod/
>>> There was lots of talks about on how to detect values out of bounds and
>>> other problems that reasonable languages with type-system would find
>>> probably at compile time.
>>>
>>> One Microsoft person said "we had lots of crashes in the system and the
>>> cause of that was that the driver vendors did not look on the return
>>> code from functions"
>>> Then the blamed the poor programmer for not reading the secret "users
>>> manual".
>>> /Per
>> 
>> Was Ada even mentioned?
>> Jerry
>> 
>> 
> 
> No !
> And that was what i found scary.
>  From my perspective the whole conference was about how to we make the 
> best out after we have crashed instead of how do we avoid to crash.

That seems to be the attitude on the Secure Coding mailing list:

	http://www.securecoding.org/list/charter.php
	http://krvw.com/mailman/listinfo/sc-l

Re: A scary story from the real world.

[anon]

Microsoft may have a lot of weigh but they are more wrong in what 
they say then they are right! And they are great at passing the 
blame. What they forget to say is that from the 1980s they have 
enforce bad programming techniques. An example is the use of Basic
and allowing one line programs even though that one line was 
multi-statement taking 16k to 64k in length.

Another is their views on multicore and parallel processing.

I was talking about multicore and parallel processing back in September 
I came across an article about Microsoft and multicore processors. 
The article was something like Microsoft saying back in the 1980s 
that we would never need more than 640K for a ram size. 


   Title:  Microsoft sees shift to parallel in 10yrs
   Posted: 03 Sep 2007


   Multicore processors are driving a historic shift to a new parallel 
   architecture for mainstream computers. But a parallel programming 
   model to serve those machines will not emerge for five to 10 years, 
   according to experts from Microsoft Corp.

   ... 

by  Rick Merritt
EE Times


In talking to another person they said:

> This is kinda funny, mostly because some serious multi-core machines
> are available today. And with AMD entering the race with a quad
> Opteron, and 8-core systems from Intel on the immediate horizon, I
> expect to see prices for 4/8-way systems fall to a reasonable range
> within a year or two. Now, granted, my definition of "reasonable" may
> be slightly higher than some people's, but still.. they are coming,
> and they'll be here before the decade mark for sure.


And it is funny because there are basically four groups that are 
powering parallel processing. Group 0, or the original parallel group 
which is the scientific community. With government and tax payers 
paying the bill they have the money for multicore and parallel 
processing power, now. 

Then there is Group 1 which is business. Mostly at the movement is 
controlled by the internet and internet servers, they not only need 
the bandwidth but they need the processing power was well. Even though 
there is a small shift away from porn, the internet is still being paid 
by the biggest online money maker services aka porn. They have the money 
for multicore processing power and the need to use it, now.

Count Movies makers as Group 2.  Movie makers want to use special 
effects that are sometime dangerous or impossible to do. So, the 
count on special effects software to do the movie magic. The more 
power they have the more they can do in record time.  And with the 
movie going public able and welling to pay for that special effects 
movie, the movie makers have the cash for that power. And their need 
is now.

And Group 3, is the newest group but has deep pockets aka the Gamer, 
they want more power and are willing to achieve the power at any cost. 
And the Gamer is not going to wait for Microsoft's idea of 10 years. 
They want it, Yesterday. And with system like the "Powerstation 3" a 
8/7 (1 processor disabled) they are not waiting. The "Powerstation 3" 
uses an IBM RISC multicore processor that IBM has stated that they are 
coming out with a line of business and server models using that same 
multicore processor.

Besides  multicore and parallel processing groups. There is the masses 
of the world. They are not waiting for Microsoft, they want more power 
now, like the functions in an IPHONE or the new IPOD. And these 
embedded system are less likely to crash. So, those programmers who 
wrote the code have it going on. And some of those system may have 
been written in Ada.

So, the power brokers groups and the technology are not waiting for 
Microsoft to play once again catch up on technology.  They are slowly 
moving away from listening to a Dinosaur called Microsoft. 

May Be Microsoft should do a background check of the programmers they 
are blaming.  They probability would find these programmer have been 
mind wipe to believe only in Microsoft dogma. With no true vision 
of the current status or the future of the computer world.

But the scary part is that Microsoft may have to play hard ball aka 
the software patent or licenses just to stay in the game. Oops, sorry, 
they are already playing the licensing game, once again.

Plus, to Microsoft "Ada" is permanently dead! And C/C++, JAVA are on 
their death bed as well. Which leaves "Visual Basic" and the .net for the 
future of programming.


In <0Q0Zi.409$CT3.318@newsfet01.ams>, Per Sandberg <per.sandberg@bredband.net> writes:
>I was on a conference this week and that opened my eyes on the complete 
>ignorance of good compilers and languages in some the Reliable SW 
>communities.
>   http://www.issre2007.hv.se/extra/pod/
>There was lots of talks about on how to detect values out of bounds and 
>other problems that reasonable languages with type-system would find 
>probably at compile time.
>
>One Microsoft person said "we had lots of crashes in the system and the 
>cause of that was that the driver vendors did not look on the return 
>code from functions"
>Then the blamed the poor programmer for not reading the secret "users 
>manual".
>/Per
>
>
>
>

Re: A scary story from the real world.

[Brian May]

>>>>> "Per" == Per Sandberg <per.sandberg@bredband.net> writes:

    Per> One Microsoft person said "we had lots of crashes in the system and
    Per> the cause of that was that the driver vendors did not look on the
    Per> return code from functions"
    Per> Then the blamed the poor programmer for not reading the secret "users
    Per> manual".

I think some driver vendors could write buggy code even if a good
language was used. The general attitude in the Windows world is to try
and work around the problem as opposed to finding out why a driver
installation repeatedly crashes at a given point on a given computer.

I see only two solutions:

1. Microsoft write or review drivers themselves. Unlikely to
happen. Even with an open source model like Linux, some drivers that
end up in the kernel are horrible (or so I have heard); there are
simply too many drivers to review and possibly rewrite every one.

2. Move driver to a separate user space process somehow, so only that
one driver crashes instead of the whole computer. Also it should be
immediately obvious which driver crashed, so the complaints go to the
right place. (See "The Hurd" and "Minix" for examples).
-- 
Brian May <bam@snoopy.apana.org.au>

Re: A scary story from the real world.

[Larry Kilgallen]

In article <sa4pryjx8tf.fsf@snoopy.microcomaustralia.com.au>, Brian May <bam@snoopy.apana.org.au> writes:

> I see only two solutions:
> 
> 1. Microsoft write or review drivers themselves. Unlikely to
> happen. Even with an open source model like Linux, some drivers that
> end up in the kernel are horrible (or so I have heard); there are
> simply too many drivers to review and possibly rewrite every one.

Some hardware vendors are unwilling to share the details of how their
hardware works with other companies.

Re: A scary story from the real world.

[Harald Korneliussen]

On Nov 10, 1:06 am, Brian May <b...@snoopy.apana.org.au> wrote:
> I see only two solutions:
>
> 1. Microsoft write or review drivers themselves. Unlikely to
> happen. Even with an open source model like Linux, some drivers that
> end up in the kernel are horrible (or so I have heard); there are
> simply too many drivers to review and possibly rewrite every one.

They do have a driver signing procedure, now, and some sort of
conformance testing. I don't know the details, but it has obviously
helped a lot compared to what we had before.

Re: A scary story from the real world.

[Jerry]

> I mentioned Ada in connection to the Microsoft talk and the comment from
> the Microsoft person was something along the lines
>   Ada is never going to make it and I and don't believe in it.
> I wont quite since i don't remember the exact worthing.
>
> /Per

Assuming your paraphrasing is mostly accurate, the Microsoft response
is _partly_ nonsensical.

"Ada is never going to make it:" All you (Microsoft) have to do is to
start using it. "Making it" is a non-issue.

"...I don't believe in it." Aha--now we're getting somewhere. Language
choice is apparently like religion, based on a belief system. People's
choice of religion is almost always the religion in which they were
born into. It must be the same for programming languages. But religion
is inherently belief-based whereas programmers take pride in being
logical and rational. So why _do_ programmers act as though language
choice is a belief system?

I wish some smart psychologist would do research on the propagation
over decades of crappy languages as the first choice of most
programmers.

Jerry

Re: A scary story from the real world.

[tmoran]

> whereas programmers take pride in being logical and rational.
IMHO, homo sapiens does rational thought like flying squirrels fly.
Yes, sort of, some of the time, but not like an eagle or a fly.
There are many things people do better than computers, but logic
isn't one of them.

Re: A scary story from the real world.

[Dmitry A. Kazakov]

On Sat, 10 Nov 2007 15:03:13 -0800, Jerry wrote:

> "...I don't believe in it." Aha--now we're getting somewhere. Language
> choice is apparently like religion, based on a belief system. People's
> choice of religion is almost always the religion in which they were
> born into. It must be the same for programming languages. But religion
> is inherently belief-based whereas programmers take pride in being
> logical and rational. So why _do_ programmers act as though language
> choice is a belief system?

Because programming language is a thought system. It is much
self-sufficient. Once one gets into such system he loses most of his
ability to judge rationally about it while staying within it.

> I wish some smart psychologist would do research on the propagation
> over decades of crappy languages as the first choice of most
> programmers.

add here crappy OSes, crappy CPU architectures, crappy software... There is
a natural law of Growing Crappiness. (:-))

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de

Re: A scary story from the real world.

[Brian Drummond]

On Fri, 09 Nov 2007 22:15:10 +0100, Per Sandberg
<per.sandberg@bredband.net> wrote:

>Jerry wrote:
>> On Nov 9, 10:33 am, Per Sandberg <per.sandb...@bredband.net> wrote:
>>> I was on a conference this week and that opened my eyes on the complete
>>> ignorance of good compilers and languages in some the Reliable SW
>>> communities.
>>>    http://www.issre2007.hv.se/extra/pod/

>> Was Ada even mentioned?
>> Jerry
>> 
>> 
>
>No !
>And that was what i found scary.
> From my perspective the whole conference was about how to we make the 
>best out after we have crashed instead of how do we avoid to crash.
>

Apropos of which, are we supposed to laugh or cry on reading this?
http://www.techreview.com/Infotech/17831/page1/?a=f

"I think the real problem is that "we" (that is, we software developers)
are in a permanent state of emergency, grasping at straws to get our
work done. We perform many minor miracles through trial and error,
excessive use of brute force, and lots and lots of testing, but--so
often--it's not enough.

Software developers have become adept at the difficult art of building
reasonably reliable systems out of unreliable parts. The snag is that
often we do not know exactly how we did it: a system just "sort of
evolved" into something minimally acceptable. Personally, I prefer to
know when a system will work, and why it will."

... considering the source...

- Brian

Re: A scary story from the real world.

[Harald Korneliussen]

On Nov 11, 12:03 am, Jerry <lancebo...@qwest.net> wrote:
> "...I don't believe in it." Aha--now we're getting somewhere. Language
> choice is apparently like religion, based on a belief system. People's
> choice of religion is almost always the religion in which they were
> born into. It must be the same for programming languages. But religion
> is inherently belief-based whereas programmers take pride in being
> logical and rational. So why _do_ programmers act as though language
> choice is a belief system?

Why invoke religion? anon below comments that the future for Microsoft
is Visual Basic. While I'm no fan of MS technologies, I know enough
about them to know that this is nonsense: Microsoft's strategy right
now is going for a multiple-lanuage virtual machine runtime, with a
Java-like language as the main development language.

Now, one may argue whether the Java/C# approach of virtual machines,
sandboxes, bytecode verification etc. is better than the Ada approach,
but it is at least an attempt. It's not as if they're doing nothing.

But the fact that anon doesn't even mention this, and instead invokes
the age-old spectre of Visual Basic, tells me that not everyone on
this side of the fence is interested in other approaches, to put it
like that.

Re: A scary story from the real world.

[Brian May]

>>>>> "Harald" == Harald Korneliussen <vintermann@gmail.com> writes:

    Harald> Now, one may argue whether the Java/C# approach of virtual machines,
    Harald> sandboxes, bytecode verification etc. is better than the Ada approach,
    Harald> but it is at least an attempt. It's not as if they're doing nothing.

There is nothing stopping Ada from having virtual machines, sandboxes,
bytecode verification, etc, either. If they really wanted to do so.

Also it is possible to compile Java code direct to machine code (gcj).

The issue of choice of language has nothing to do with if you want or
don't want these technologies.
-- 
Brian May <bam@snoopy.apana.org.au>

Re: A scary story from the real world.

[Stephen Leake]

Brian May <bam@snoopy.apana.org.au> writes:

>>>>>> "Harald" == Harald Korneliussen <vintermann@gmail.com> writes:
>
>     Harald> Now, one may argue whether the Java/C# approach of
>     Harald> virtual machines, sandboxes, bytecode verification etc.
>     Harald> is better than the Ada approach, but it is at least an
>     Harald> attempt. It's not as if they're doing nothing.
>
> There is nothing stopping Ada from having virtual machines, sandboxes,
> bytecode verification, etc, either. If they really wanted to do so.

AdaCore has ported GNAT to .NET. There was even a small ad in the
current Dr Dobbs for it.

-- 
-- Stephe

Re: A scary story from the real world.

[Georg Bauhaus]

On Mon, 2007-11-12 at 08:04 -0500, Stephen Leake wrote:
> Brian May <bam@snoopy.apana.org.au> writes:
> 
> >>>>>> "Harald" == Harald Korneliussen <vintermann@gmail.com> writes:
> >
> >     Harald> Now, one may argue whether the Java/C# approach of
> >     Harald> virtual machines, sandboxes, bytecode verification etc.
> >     Harald> is better than the Ada approach, but it is at least an
> >     Harald> attempt. It's not as if they're doing nothing.
> >
> > There is nothing stopping Ada from having virtual machines, sandboxes,
> > bytecode verification, etc, either. If they really wanted to do so.
> 
> AdaCore has ported GNAT to .NET. There was even a small ad in the
> current Dr Dobbs for it.

AppletMagic is integrated with SofCheck's Inspector (which is
made to help verification).