From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,28cd155693714664 X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2002-06-16 17:48:13 PST Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!news-out.nuthinbutnews.com!propagator-sterling!news-in.nuthinbutnews.com!cyclone1.gnilink.net!spamfinder.gnilink.net!nwrddc02.gnilink.net.POSTED!53ab2750!not-for-mail Message-ID: <3D0D31D2.2000104@mail.com> From: Hyman Rosen User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.1a) Gecko/20020614 X-Accept-Language: en-us, en MIME-Version: 1.0 Newsgroups: comp.lang.ada Subject: Re: Faulty languages and Liability References: <3D0C7C0B.5000707@mail.com> <27085883.0206161028.276e62e4@posting.google.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Date: Mon, 17 Jun 2002 00:48:12 GMT NNTP-Posting-Host: 162.83.247.204 X-Complaints-To: abuse@verizon.net X-Trace: nwrddc02.gnilink.net 1024274892 162.83.247.204 (Sun, 16 Jun 2002 20:48:12 EDT) NNTP-Posting-Date: Sun, 16 Jun 2002 20:48:12 EDT Xref: archiver1.google.com comp.lang.ada:26106 Date: 2002-06-17T00:48:12+00:00 List-Id: Mike Silva wrote: > A better analogy is when your car catches fire while driving down the road. But viruses which take advantage of buffer overflows and such are like spreading oil on the road to make cars crash. The manufacturer can very easily argue that the program works fine in normal use, and that intricately formed attack vectors are not part of that. It has already been mentioned that there are many other points of vulnerability than buffer overruns. There is cross-scripting, /tmp race conditions, symbolic link race conditions, and a host of other stuff, none of which will be *automatically* caught be using Ada. So the argument boils down to the usual about Ada being better, but that doesn't really bring product liability into it. >>If I was sued becuase I didn't use Ada, > Nobody is proposing that. Sure they are, when an Ada advocate starts suggesting product liability lawsuits. > What, exactly, were the "results of using Ada" on the Ariane 5? I > know you don't like it when people resort to stupid anti-C++ comments > to make a point, so don't resort to stupid anti-Ada comments to make > your point, if you want to be taken seriously on cla. I wouldn't resort to stupid anti-Ada comments on c.l.a, but if someone was trying to use lawsuits to force me to abandon the one true way and start using Ada instead, you can be sure that I would use every method at my disposal to fight that, including launching unfair attacks against Ada. I would resort to stupid anti-Ada comments with the jury. The point of Ariane 5 is that the rocket blew up even though the software was written in Ada. This very much weakens the arguments that could be made that one should have used Ada instead of [lang], since there is a spectacular failure which demonstrates that writing in Ada is no panacea. So we just get back to the usual arguments about why one language is better than another, but there isn't much there for liability suits to claim that one should have used a different language.