From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 1014db,582dff0b3f065a52 X-Google-Attributes: gid1014db,public X-Google-Thread: 109fba,582dff0b3f065a52 X-Google-Attributes: gid109fba,public X-Google-Thread: 103376,bc1361a952ec75ca X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2001-08-13 14:26:03 PST Path: archiver1.google.com!newsfeed.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!news.algonet.se!algonet!pepsi.tninet.se!not-for-mail From: Stefan Skoglund Newsgroups: comp.lang.ada,comp.lang.c,comp.lang.c++ Subject: Re: How Ada could have prevented the Red Code distributed denial of service attack. Date: Mon, 13 Aug 2001 22:23:40 +0200 Organization: Telenordia Message-ID: <3B78374C.AA2ACB71@ebox.tninet.se> References: <9kci3p$ri$1@elf.eng.bsdi.com> <9kdeuv$dfh@augusta.math.psu.edu> <9kecu6$f8i@augusta.math.psu.edu> NNTP-Posting-Host: du157-153.ppp.algonet.se Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Trace: cubacola.tninet.se 997737947 25133 195.100.153.157 (13 Aug 2001 21:25:47 GMT) X-Complaints-To: abuse@algo.net NNTP-Posting-Date: 13 Aug 2001 21:25:47 GMT X-Mailer: Mozilla 4.72 [en] (Win95; I) X-Accept-Language: sv,en,en-US Xref: archiver1.google.com comp.lang.ada:11873 comp.lang.c:73981 comp.lang.c++:82227 Date: 2001-08-13T21:25:47+00:00 List-Id: Kaz Kylheku wrote: > I hear you. But again, ``error'' has a weakened meaning in the context > of computing, because it's sometimes used to mean ``an environmental > condition that software has to deal with'' like running out of memory, > bad sector on a disk, unreachable server, etc. I learned while in school to differ between weakness, error and failure. Weakness is some point somewhere in the program which can cause problems error is when the weakness rears its head but things still works because of some sideeffect in the same/or some other part. Failure is when nothing helps. An example: one of the attitude sensor in JAS gripen has tripple redundancy. Why because the mtbf for this sensor is such that it will cause at least two complete failures (ie unintentional contact with ground) over the lifeline of this system. The failuremode of this sensor is easily detectable and so the system will log the error and change over to the next one.