Re: Faulty languages and Liability

[mjsilva697@earthlink.net (Mike Silva)]

Hyman Rosen <hyrosen@mail.com> wrote in message news:<3D0D31D2.2000104@mail.com>...
> Mike Silva wrote:
> > A better analogy is when your car catches fire while driving down the road.
> 
> But viruses which take advantage of buffer overflows and such are
> like spreading oil on the road to make cars crash. The manufacturer
> can very easily argue that the program works fine in normal use, and
> that intricately formed attack vectors are not part of that.

The story, and "The Story", are about much more than buffer overflows
-- it's about faulty software in general.  If there were tire
technology that could allow safe driving in oil slicks, and oil slicks
were common on the road, then yes, using 30-year-old technology that
couldn't handle the problem sounds like gross negligence to me.

> 
> It has already been mentioned that there are many other points of
> vulnerability than buffer overruns. There is cross-scripting, /tmp
> race conditions, symbolic link race conditions, and a host of other
> stuff, none of which will be *automatically* caught be using Ada.

Automobiles may crash if somebody throws a brick through the window,
or if they hit a patch of ice.  Every auto is susceptible to such
problems, because the technology does not exist or is not affordable
to prevent them.  However, when cars burn up because they use faulty
fuel hose when there exists a correct fuel hose then that's quite
possibly negligence.
> 
> So the argument boils down to the usual about Ada being better,
> but that doesn't really bring product liability into it.
> 
> >>If I was sued becuase I didn't use Ada,
> > Nobody is proposing that.
> 
> Sure they are, when an Ada advocate starts suggesting product liability
> lawsuits.

It's not about using Ada, it's about -not- using the most faulty tools
in the toolbox, which are known by one and all to be faulty tools
relative to other commonly available tools.
> 
> > What, exactly, were the "results of using Ada" on the Ariane 5?  I
> > know you don't like it when people resort to stupid anti-C++ comments
> > to make a point, so don't resort to stupid anti-Ada comments to make
> > your point, if you want to be taken seriously on cla.
> 
> I wouldn't resort to stupid anti-Ada comments on c.l.a, but if someone
> was trying to use lawsuits to force me to abandon the one true way and
> start using Ada instead...

It's not about Ada, it's about using reasonable, well-known tools and
techniques that are better than those being used.

> you can be sure that I would use every method
> at my disposal to fight that, including launching unfair attacks against
> Ada. I would resort to stupid anti-Ada comments with the jury.
> 
> The point of Ariane 5 is that the rocket blew up even though the software
> was written in Ada. This very much weakens the arguments that could be
> made that one should have used Ada instead of [lang], since there is a
> spectacular failure which demonstrates that writing in Ada is no panacea.
> So we just get back to the usual arguments about why one language is
> better than another, but there isn't much there for liability suits to
> claim that one should have used a different language.

That's a straw man.  Nobody ever, ever claims that a project using
software written in "X" can never, ever have a failure traceable to
proper or improper operation of the "X" software, anymore than
building aircraft with aerospace-rated bolts will guarantee that a
plane will never have a structural failure.  The problem today is that
far too many software houses are putting cheap hardware store bolts in
their planes and saying that they can't do any better.

It's not about perfect software, it's about negligence in knowingly
using inadequate tools and techniques when better ones have existed
for decades.

Mike