From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=0.4 required=5.0 tests=AC_FROM_MANY_DOTS,BAYES_00, PP_MIME_FAKE_ASCII_TEXT autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII X-Google-Thread: 107f24,582dff0b3f065a52 X-Google-Attributes: gid107f24,public X-Google-Thread: 109fba,582dff0b3f065a52 X-Google-Attributes: gid109fba,public X-Google-Thread: 1014db,582dff0b3f065a52 X-Google-Attributes: gid1014db,public X-Google-Thread: 103376,bc1361a952ec75ca X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2001-08-02 08:40:08 PST Path: archiver1.google.com!newsfeed.google.com!newsfeed.stanford.edu!newsfeeds.belnet.be!news.belnet.be!psinet-eu-nl!psiuk-p4!uknet!psiuk-n!news.pace.co.uk!nh.pace.co.uk!not-for-mail From: "Marin David Condic" Newsgroups: comp.lang.ada,comp.lang.c,comp.lang.c++,comp.lang.functional Subject: Re: How Ada could have prevented the Red Code distributed denial of service attack. Date: Thu, 2 Aug 2001 11:24:05 -0400 Organization: Posted on a server owned by Pace Micro Technology plc Message-ID: <9kbran$om9$1@nh.pace.co.uk> References: <9k9if8$rn3$1@elf.eng.bsdi.com> <3B687EDF.9359F3FC@mediaone.net> <3B694F80.C7C2D013@mediaone.net> NNTP-Posting-Host: 136.170.200.133 X-Trace: nh.pace.co.uk 996765847 25289 136.170.200.133 (2 Aug 2001 15:24:07 GMT) X-Complaints-To: newsmaster@news.cam.pace.co.uk NNTP-Posting-Date: 2 Aug 2001 15:24:07 GMT X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Xref: archiver1.google.com comp.lang.ada:11089 comp.lang.c:71659 comp.lang.c++:79347 comp.lang.functional:7188 Date: 2001-08-02T15:24:07+00:00 List-Id: A very deliberate decision was taken to remove the safety checks (which may not have saved anything anyway - it was a question of proper FDA.) in order to gain needed performance. A static analysis was done that insured the code was correct for the Arianne 4 flight envelope. It worked successfully in that environment. Moving it to the Arianne 5 was done without any review of those issues and nothing was done to test the unit in the new flight envelope. In other words, the software did *precisely* what it was designed to do - it was just too bad that what it was designed to do wasn't the right thing to do. MDC -- Marin David Condic Senior Software Engineer Pace Micro Technology Americas www.pacemicro.com Enabling the digital revolution e-Mail: marin.condic@pacemicro.com Web: http://www.mcondic.com/ "Ed Falis" wrote in message news:3B694F80.C7C2D013@mediaone.net... > Goran Larsson wrote: > > > > In article <3B687EDF.9359F3FC@mediaone.net>, > > Ed Falis wrote: > > > > > Read the report. > > > > I have. Your point is? > > > > -- > > G�ran Larsson Senior Systems Analyst hoh AT approve DOT se > > It was about inappropriately reused code. I suppose that does bolster > some of the arguments about poor programming, though the error in this > case was due to decisions pretty far upstream from the code. > > - Ed