From: "Robert I. Eachus"
Subject: Re: Lack of Mature Tools (was: Lockheed Martin, Green Hills, etc.)
Date: 2000/04/26
Message-ID: <39075C3D.4C569B13@earthlink.net>
Organization: The MITRE Corporation
Newsgroups: comp.lang.ada

Chris Morgan wrote:

> Yeah, but simple corruption would normally cause either tar or gunzip
> to fail. What I should have said, I suppose, is it's not at all
> difficult to reliably transmit the public versions to users and be
> assured the right bits got there, e.g. if ACT had a public area on
> their own ftp servers and published MD5 checksums. Of course ACT may
> occasionally make a mistake and put the wrong file up, even on their
> own servers, but in that case the odds would be reasonable that they
> would also make up a cd containing the mistake.

You seem to want to continue to misunderstand. Why would gunzip fail?
Because the checksum did not match. MD5 allows additional protection
against forged checksums, which are totally inapplicable to this case.

To repeat something which you may have missed, ACT does not create all
of the versions of GNAT, not even all versions on cs.nyu.edu. And for
example, if you want a version of GNAT for Linux, there are several
versions depending on whether you have Debian or Red Hat, and on which
kernel version you are using, etc. You are much, much more likely to
run into problems due to downloading the wrong version or installing it
improperly than from someone smuggling a spoofed version onto the
server.

If you really need security, you have to pay the price. I am not
talking about ACT's support price, which is trivial, if you are working
on a trusted or secure system. It may triple or more the cost of
development to insure that your tools are trustworthy, and yes, if you
need security and mission or life critical code, you can triple it
again. Just adding an MD5 checksum would not help at all, you need to
start with a risk analysis and a threat analysis. Then you can start
doing all the things necessary to reduce the threat, which often will
include examining the generated machine code for certain key parts of
your program, burning parts of the code into ROM, etc.

> Fair enough. But if I download this new p version and have a problem,
> it shouldn't be hard to verify my version.

Have you had a problem? I certainly have had bad downloads, but no
difficulty in determining that the problem was just that...

> Well not having ever had an ACT CD, I have to presume they transmit
> checksums with their CDs, in which case yes it's more reliable,
> however I still heartily dislike the implication that any users who
> just picked up some random bits called gnat somewhere on the net can't
> are not likely to have a valid version. Seeing as GNAT started off on
> DoD money to be a freely available tool, and started off with NYU
> staff dominating the development team, if they can't reliably transmit
> a known version to me at least most of the time via some ftp site such
> as cs.nyu.edu something is wrong.

They can reliably transmit a known version to you. What RBKD is saying
is that the version you pick up off the web without any involvement by
ACT is not reliably transmitted, and I can't understand why you find
that amazing. ACT is very good at insuring that the version they send
you is appropriate for your system. If you want to install the Solaris
version on your PC, it won't work, it is not their fault, end of story.
Also if you decide to build GNAT from source for a currently
unsupported system without ACT's help, they do not guarantee the result
in any way, but they are quite willing to let you do so. If you want to
do that, and add an MD5 signature to the version you prepare, go ahead.

Well maybe not end of story. You have to understand what RBKD was
saying. He was NOT saying, if you want to be sure of getting our
version of GNAT, you must pay. He was saying that the support given to
POTENTIAL customers by sales@gnat.com often makes the difference in a
company's compiler choice. If you are trying to choose between
supported compilers, compare the supported GNAT product to their
competitor's supported product, or even to the unsupported version of
GNAT. The "handholding" can, and often will, make a big difference. For
example, if your company has Ada 83 legacy code and you are moving to
Ada 95, they can help, in some cases by providing a special compiler
version, to make it easy to get the existing code into GNAT style
libraries and still or back under your version control system.

This is why he is saying you should compare apples to apples. On the
other hand, if you intend to compare the free version to some other
compiler, go ahead. But understand that it is not the product that ACT
is selling. The support from ACT is very good, and that is one of their
major selling points.
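
An added illustration of the distinction argued in this thread (not code from either poster or from ACT): the CRC-32 in the gzip trailer is what makes gunzip reject a damaged transfer, while only a comparison against a separately published digest flags an intact copy of the wrong file. The payloads, function names and published digest below are constructed for the example.

```python
import gzip
import hashlib
import struct
import zlib


def stored_crc32(blob: bytes) -> int:
    """CRC-32 of the uncompressed data, read from the 8-byte gzip trailer (RFC 1952)."""
    crc, _isize = struct.unpack("<II", blob[-8:])
    return crc


def check_download(blob: bytes, published_digest: str, algo: str = "md5") -> str:
    """Classify a downloaded .gz file as 'corrupt', 'wrong-file' or 'ok'."""
    try:
        # gunzip's own check: recompute CRC-32 over the output, compare to the trailer.
        gzip.decompress(blob)
    except (OSError, EOFError, zlib.error):
        return "corrupt"
    # The archive is internally consistent; is it the file the publisher listed?
    # MD5 as in the thread; any hashlib algorithm name can be passed instead.
    if hashlib.new(algo, blob).hexdigest() != published_digest:
        return "wrong-file"
    return "ok"


def flip_bit(blob: bytes, index: int) -> bytes:
    """Simulate a single-bit transfer error at the given byte offset."""
    damaged = bytearray(blob)
    damaged[index] ^= 0x01
    return bytes(damaged)


# Constructed sample data. compresslevel=0 stores the payload uncompressed, so the
# flipped bit lands in the data itself and the CRC-32 mismatch is deterministic.
PAYLOAD = b"constructed release payload\n" * 8
RELEASE = gzip.compress(PAYLOAD, compresslevel=0, mtime=0)
OTHER_BUILD = gzip.compress(b"constructed payload, other platform\n" * 8,
                            compresslevel=0, mtime=0)
PUBLISHED = hashlib.md5(RELEASE).hexdigest()  # what the publisher would list
DAMAGED = flip_bit(RELEASE, len(RELEASE) // 2)


def demo() -> list:
    return [check_download(b, PUBLISHED) for b in (RELEASE, DAMAGED, OTHER_BUILD)]


if __name__ == "__main__":
    print(demo())
```
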