From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,4eb65fab6deaa097 X-Google-Attributes: gid103376,public From: Chris Morgan Subject: Re: Lack of Mature Tools (was: Lockheed Martin, Green Hills, etc.) Date: 2000/04/27 Message-ID: <87em7sxtc2.fsf@think.mihalis.net> X-Deja-AN: 616145847 Sender: cm@think.mihalis.net References: <4eaJ4.23498$hh2.538870@news.flash.net> <8d4lpa$ffu$1@nnrp1.deja.com> <8d531v$vcr$1@nnrp1.deja.com> <8d57mo$4d9@chronicle.concentric.net> <390472E9.E0A17BC6@ftw.rsc.raytheon.com> <8e5hr4$imt$1@nnrp1.deja.com> <87wvll7a5h.fsf@think.mihalis.net> <39069B90.C9A74221@earthlink.net> <87ln212ghg.fsf@think.mihalis.net> <39075C3D.4C569B13@earthlink.net> X-Trace: typhoon2.gnilink.net 956796477 151.202.100.25 (Wed, 26 Apr 2000 20:47:57 EDT) Organization: Linux Hackers Unlimited NNTP-Posting-Date: Wed, 26 Apr 2000 20:47:57 EDT Newsgroups: comp.lang.ada Date: 2000-04-27T00:00:00+00:00 List-Id: "Robert I. Eachus" writes: > You seem to want to continue to misunderstand. I don't want to misunderstand, and I'm not sure I misunderstand anyway. > Why would gunzip fail? Because the checksum did not match. Which implies a bad download. So any user is safe from a bad download. > MD5 allows additional protection against forged checksums, which > are totally inapplicable to this case. Not if people got their files from some other ftp server nearer them on the net but checked the MD5 checksums against a hypothetical web page on www.gnat.com. > To repeat something which you may have missed, ACT does not create all > of the versions of GNAT, not even all versions on cs.nyu.edu. And for > example, if you want a version of GNAT for Linux, there are several > versions depending on whether you have Debian or Red Hat, and on which > kernel version you are using, etc. There is no profusion of linux versions on cs.nyu.edu : ftp> dir gnat-3.12p* 200 PORT command successful. 150 Opening ASCII mode data connection for /bin/ls. -rw-r--r-- 1 ftpuser ftpusers 8734825 Nov 2 19:40 gnat-3.12p-alpha-dec-osf4.0d-bin.tar.gz -rw-r--r-- 1 ftpuser ftpusers 1562945 Oct 19 1999 gnat-3.12p-docs.tar.gz -rw-r--r-- 1 ftpuser ftpusers 6246712 Oct 19 1999 gnat-3.12p-hppa1.1-hp-hpux10.20-bin.tar.gz -rw-r--r-- 1 ftpuser ftpusers 5295724 Oct 19 1999 gnat-3.12p-i386-pc-solaris2.6-bin.tar.gz -rw-r--r-- 1 ftpuser ftpusers 6525643 Oct 19 1999 gnat-3.12p-i686-pc-linux-gnu-bin.tar.gz -rw-r--r-- 1 ftpuser ftpusers 8497448 Oct 19 1999 gnat-3.12p-powerpc-ibm-aix4.1.4.0-bin.tar.gz -rw-r--r-- 1 ftpuser ftpusers 8057292 Oct 19 1999 gnat-3.12p-sparc-sun-solaris2.5.1-bin.tar.gz -rw-r--r-- 1 ftpuser ftpusers 4266495 Oct 19 1999 gnat-3.12p-src.tar.gz 226 Listing completed. ftp> It's been mostly like this, apart from version numbers for, oh, about 5 years or more. My understanding is that, in actual fact, the above gnat-3.12p-i686-pc-linux-gnu-bin.tar.gz is ACT's public version. Same goes for the Solaris file. The Ada for Linux stuff doesn't seem to be there, it's on www.gnuada.org as usual. > You are much, much more likely to > run into problems due to downloading the wrong version or installing it > improperly than from someone smuggling a spoofed version onto the > server. Right. This seems like my point, not yours. Robert seemed to me to casting aspersions on the authenticity of any copies not received under contract via CD. Since even untarring the files successfully means you did't have a bad download, and since the files on cs.nyu.edu are put there by ACT, I think this implication is wrong, and unfortunate. > If you really need security, you have to pay the price. I am not > talking about ACT's support price, which is trival, if you are working > on a trusted or secure system. It may triple or more the cost of > development to insure that your tools are trustworthy, and yes, if you > need security and mission or life critical code, you can triple it > again. Just adding an MD5 checksum would not help at all, you need to > start with a risk analysis and a threat analysis. Then you can start > doing all the things necessary to reduce the threat, which often will > include examining the generated machine code for certain key parts of > your program, burning parts of the code into ROM, etc. This is not the level I was talking about. Once again, RBKD wrote : > Actually, as far as I can tell, this project did not make use of the > commercial version of GNAT, but used some unsupported public version > obtained somewhere from the net (and certainly not from Ada Core > Technologies). Yes, among the technologies mentioned on the slides, > it mentions that GNAT is the most stable, but still this is NOT the > commercial version of GNAT. In fact we can't even be sure that it > is the same bits that we originally placed there. The advantage of > freely available software on the net is precisely that, it is freely > available, but the downside is you can never be sure exactly what > you are getting. I am only talking about the implication that you can't be sure you get a "good GNAT" unless you get support. Here's my situation (sort of hypothetical). I work for a company doing Ada on some tired old machines with some tired old compilers. I go straight to cs.nyu.edu via ftp, turn on the binary flag, and download the Solaris version. It ungzips and untars nicely and installs and runs. Now, I examine the compiler for things like how well it parses our code, how much memory it needs for our big packages etc. I report back to my managers. Now, of course ACT has new and better stuff up its sleeve, so of course my conclusions aren't definitive, but are my managers supposed to think I'm a fool for paying any attention to that "unsupported public version"? Well in my case I tell them "we really should use the wavefront from ACT off their customer site" and the response is the (slightly surprising) "no we'll use the public version, we don't want to be guinea pigs for anything not publically released yet unless we really need to". > > > Fair enough. But if I download this new p version and have a problem, > > it shouldn't be hard to verify my version. > > Have you had a problem? I certainly have had bad downloads, but no > difficulty in determining that the problem was just that... No, that's the point. I've never had a problem. Or perhaps I should say I never did have a problem when this stuff was my job (the above is only hypothetical because it's ancient history). > They can reliably transmit a known version to you. What RBKD is > saying is that the version you pick up off the web without any > involvement by ACT is not reliably transmitted, and I can't understand > why you find that amazing. ACT is very good at insuring that the > version they send you is appropriate for your system. If you want to > install the Solaris version on your PC, it won't work, it is not their > fault, end of story. Also if you decide to build GNAT from source for a > currently unsupported system without ACT's help, they do not guarentee > the result in any way, but they are quite willing to let you do so. If > you want to do that, and add an MD5 signature to the version you > prepare, go ahead. What he's saying seems to be true if you accept that the public versions of GNAT are not really publically available at all, since you can't get them from ACT and anywhere else is just some unconnected random friendly bit bucket. I don't think this is true of cs.nyu.edu. > > Well maybe not end of story. You have to understand what RBKD was > saying. He was NOT saying, if you want to be sure of getting our > version of GNAT, you must pay. That is precisely the implication that I perceived. How can I get the public version of GNAT? Well not from ACT, and if this explanation that I'm perhaps still not understanding is to be believed, not from anywhere else either since you can't get public GNAT from ACT without telling sales@gnat.com that you're a potential sale. Well since I'm no longer in the Ada business at all whatsoever, I won't be able to afford any level of ACT support, plus I wouldn't mislead their sales people, so I guess it's impossible for me to get an authentic version of the public release of GNAT 3.12. Oh well. > He was saying that the support given to > POTENTIAL customers by sales@gnat.com often makes the difference in a > company's compiler choice. If you are trying to choose between > supported compilers, compare the supported GNAT product to their > competitor's supported product, or even to the unsupported version of > GNAT. The "handholding" can, and often will, make a big difference. > For example, if your company has Ada 83 legacy code and you are moving > to Ada 95, they can help, in some cases by providing a special compiler > version, to make it easy to get the existing code into GNAT style > libraries and still or back under your version control system. This is > why he is saying you should compare apples to apples. I know all this very well. I know how ACT's support compares to other vendors. I know what some other vendors said about GNAT. The one thing I don't like and don't understand is why there isn't a /pub/unsupported on ftp.gnat.com with anonymous access and all the publically released files. I mean, I even made the bad mistake of trying to defend the ACT way against unfounded criticisms from a very upset unsupported GNAT users, and yet I don't see how this particular point meshes with ACT's happy espousal of RMS's ideas. > On the other hand, if you intend to compare the free version to some > other compiler, go ahead. But understand that it is not the product > that ACT is selling. The support from ACT is very good, and that is one > of their major selling points. But it's the same compiler!!!!!!! Perhaps there are so many people who don't assume in any comparison that all tools must have been successfully installed and their full documentation is at hand before any comparison is worth anything, that the installation and getting started handholding is a huge issue. From my point of view, however it was fairly clear how the competing products stacked up even using the completely unsupported GNAT releases from cs.nyu.edu. Even they were better, and that's the point. It's all rather moot for me anyway (that's the colloquial usage meaning "irrelevant", I know RBKD doesn't like that usage, sorry). I use GNAT at home for my own projects perfectly well. I don't use Ada at work, so I'm not terrified of the Ada cabal. Not that there is one. Perhaps people still in the trenches would like to comment? Chris -- Chris Morgan http://mihalis.net "O gummier hum warder buffer-lore rum Enter dare enter envelopes ply"