From: Alan Browne
Date: Sat, 19 Apr 2014 16:53:06 -0400
Newsgroups: comp.lang.ada
Subject: Re: OpenSSL development (Heartbleed)

On 2014.04.19, 16:20 , Georg Bauhaus wrote:
> On 19/04/14 21:12, Alan Browne wrote:
>>
>> No. Where OpenSSL is underfunded and has a population of maybe 4
>> programmers dedicated to it (the guy who created the bug not being one
>> of the 4) released an important security breach upon the masses;
>>
>> Contrast with OpenSourced Linux which has a well (corporate) funded
>> organization and has a lot more eyeballs on the code and hasn't (Linux
>> itself) suffered any major or embarrassing problems.
>
> A comparison of one bug in one library to bugs in the amount of
> software that is "Enterprise Linux" does not seem balanced
> enough.

I was simply refuting that the 2nd article was the "same thing" as the
first. The 2nd pointed out two cases.

> Also, insofar as OpenSSL is well associated with
> open source Linux, it is likely that fixing Heartbleed-like
> bugs will be covered by {Redhat, ...} support. This adds to
> an argument that there actually is funding for OpenSSL etc.,
> or, conversely, that there is never enough funding for all the
> software to be bug free.

OpenSSL appears from these reports to be "out on the limb" away from the
more richly supported trunk.

> At least, that seems to be the argument of the articles:
> that funding and enterprise support is supposed to achieve
> so high a quality of software that it would have prevented
> Heartbleed etc.

Reduced the likelihood, anyway.

Truly, it would be better if requirements were set and then the s/w
designed, nay, engineered, to meet the requirements.

One day perhaps.

But until someone (an entity) seizes control of the release process,
there will be no engineering to a level that would prevent these sorts
of problems. This is not the last.

> OTOH, and bringing this back to Ada, the CVE sites state quite
> openly that most of the issues have to do with int, malloc,
> computed pointers, and assumptions that are not reflected in all
> of these (overflow, say).

QUOTE
Theo de Raadt, founder and leader of the OpenBSD and OpenSSH projects,
has criticized the OpenSSL developers for writing their own memory
management routines and thereby circumventing OpenBSD C standard library
exploit countermeasures, saying "OpenSSL is not developed by a
responsible team."
ENDQUOTE

Ironic that one Open team leader is criticizing another

But, he may be right. Would he subject his teams to a more rigorous
process? To Ada?

> If it is possible to make programmers use an Ada style fundamental
> type system instead, thus also better arrays and fewer pointers,
> this change would naturally reflect more of the assumptions. The
> conclusion can only be that this change makes the software so written
> as good as the assumptions. According to McCormick's findings,
> that's not nothing. The fundamentals do matter.

Of course they do.

Now, do you really think the industry will change to something more
formalized and requirements driven? Use Ada as a fundamental building
block of it?

--
"Big data can reduce anything to a single number,
but you shouldn’t be fooled by the appearance of exactitude."
-Gary Marcus and Ernest Davis, NYT, 2014.04.07