From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.4 required=5.0 tests=AC_FROM_MANY_DOTS,BAYES_00 autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 107f24,582dff0b3f065a52 X-Google-Attributes: gid107f24,public X-Google-Thread: 1014db,582dff0b3f065a52 X-Google-Attributes: gid1014db,public X-Google-Thread: 103376,bc1361a952ec75ca X-Google-Attributes: gid103376,public X-Google-Thread: 109fba,582dff0b3f065a52 X-Google-Attributes: gid109fba,public X-Google-ArrivalTime: 2001-08-10 06:56:19 PST Path: archiver1.google.com!newsfeed.google.com!newsfeed.stanford.edu!skynet.be!skynet.be!news-x2.support.nl!news-x.support.nl!psinet-eu-nl!psiuk-p4!uknet!psiuk-n!news.pace.co.uk!nh.pace.co.uk!not-for-mail From: "Marin David Condic" Newsgroups: comp.lang.ada,comp.lang.c,comp.lang.c++,comp.lang.functional Subject: Re: How Ada could have prevented the Red Code distributed denial of service attack. Date: Fri, 10 Aug 2001 09:40:21 -0400 Organization: Posted on a server owned by Pace Micro Technology plc Message-ID: <9l0o87$duo$1@nh.pace.co.uk> References: <9kpo9r$415@augusta.math.psu.edu> <5drpk9.l0e.ln@10.0.0.2> <9krhd2$6po@augusta.math.psu.edu> <9kubta$h4p$1@nh.pace.co.uk> <3B738145.CC94E732@eton.powernet.co.uk> NNTP-Posting-Host: 136.170.200.133 X-Trace: nh.pace.co.uk 997450823 14296 136.170.200.133 (10 Aug 2001 13:40:23 GMT) X-Complaints-To: newsmaster@news.cam.pace.co.uk NNTP-Posting-Date: 10 Aug 2001 13:40:23 GMT X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Xref: archiver1.google.com comp.lang.ada:11758 comp.lang.c:73392 comp.lang.c++:81533 comp.lang.functional:7468 Date: 2001-08-10T13:40:23+00:00 List-Id: Never said you couldn't have errors escape a spell checker. Never said you couldn't have errors escape a language implementation that has error checking features. Never said you should implicitly trust that just because something got past such a compiler that it was free from errors. What I *did* say was that machine checking for routine errors would result in a reduction of errors. Maybe what I don't understand is why there seems to be such a resistance to the concept of automated error checking in a computer language when we routinely build in all sorts of automatic error checking into our software to prevent end-users from making stupid mistakes. A simple data entry program routinely edits the input applying various sanity checks and refusing to accept something known to be in error. The more sanity checks we put in - the better we think we're doing our job. Why is it appropriate for us to build that into the end-user's application but it is somehow or other A Bad Thing(tm) for the language/compiler designers to build that into *our* user input program? (Oh. That's right. I forgot. Programmers are *above* mere mortals. :-) Accounting systems that prevent users from entering in bad data reduce the "flexibility" the end user has with an unedited input. Payroll programs that sanity-check paycheck data might lull the end user into a false sense of security - getting them to "trust" computers too much. Maybe we should propose that all input keyed in by end users should be accepted as raw binary data and we should never check it for validity since obviously this seems to be what we are demanding for ourselves from our computer languages. And by the way, maybe we should all go back to computing logarithms with a slide rule since pocket calculators lull us into a false sense of security about our computations and how accurate they are. Or let's bag it alltogether and go back to computing things with a pencil and paper since this is the "ultimate" in "flexibility". MDC -- Marin David Condic Senior Software Engineer Pace Micro Technology Americas www.pacemicro.com Enabling the digital revolution e-Mail: marin.condic@pacemicro.com Web: http://www.mcondic.com/ "Richard Heathfield" wrote in message news:3B738145.CC94E732@eton.powernet.co.uk... > > The trouble with programs like, four eggs ample, spell checkers, is > there tendency two give yew a level of confidence inn yore output witch > mite knot bee just if fried. > > People who trust computers scare me. (Mind you, people who trust people > scare me too.) >