From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII X-Google-Thread: 107f24,582dff0b3f065a52 X-Google-Attributes: gid107f24,public X-Google-Thread: 103376,bc1361a952ec75ca X-Google-Attributes: gid103376,public X-Google-Thread: 109fba,582dff0b3f065a52 X-Google-Attributes: gid109fba,public X-Google-Thread: 1014db,582dff0b3f065a52 X-Google-Attributes: gid1014db,public X-Google-ArrivalTime: 2001-08-05 02:36:56 PST Path: archiver1.google.com!newsfeed.google.com!newsfeed.stanford.edu!news.tele.dk!128.39.3.168!uninett.no!ntnu.no!not-for-mail From: randhol+abuse@pvv.org (Preben Randhol) Newsgroups: comp.lang.ada,comp.lang.c,comp.lang.c++,comp.lang.functional Subject: Re: How Ada could have prevented the Red Code distributed denial of service attack. Date: Sun, 5 Aug 2001 09:36:55 +0000 (UTC) Organization: Norwegian university of science and technology Message-ID: References: <3B6555ED.9B0B0420@sneakemail.com> <87n15lxzzv.fsf@deneb.enyo.de> <3B672322.B5EA1B66@home.com> <5ee5b646.0108010949.5abab7fe@posting.google.com> NNTP-Posting-Host: kiuk0156.chembio.ntnu.no Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Trace: tyfon.itea.ntnu.no 997004215 13792 129.241.83.82 (5 Aug 2001 09:36:55 GMT) X-Complaints-To: usenet@itea.ntnu.no NNTP-Posting-Date: Sun, 5 Aug 2001 09:36:55 +0000 (UTC) User-Agent: slrn/0.9.7.1 (Linux) Xref: archiver1.google.com comp.lang.ada:11309 comp.lang.c:72273 comp.lang.c++:80058 comp.lang.functional:7314 Date: 2001-08-05T09:36:55+00:00 List-Id: On Sat, 4 Aug 2001 14:36:10 -0400, David Lee Lambert wrote: > I'm sure that one can write a secure webserver in Ada, but I personally > would trust a mission-critical system that I had written in C better, > because I've had more experience with the language and the available > environment. I certainly would plan out such a system very carefully. I can understand your argument that you know C better and more comfortable with it, but it is not a valid argument when one make mission-critical software like airplane systems, train, nuclear power plants etc... Your problems also lies in that C has unsafe pointers and no strict typing. Another problem is that C scales very poorly, leading to obscure code. I personally would disembark an airplane if they said that the software is written in C. If it is written in Ada I would have stayed. I encourage you to try out Ada a bit and I really think that you will change your mind about which language you want to use in critical software. It really is a huge difference from C. Here you find the design goals of Ada: http://www.adapower.com/rm95/arm95_3.html#SEC3 And here is an article from Business Week, which is a interest read: Software Hell (int'l edition) Glitches cost billions of dollars and jeopardize human lives. How can we kill the bugs? [...] �With the low points of just the past 24 months, you could build a Software Hall of Infamy. In a fast-flowing river of woe, software bugs--along with viruses and security loopholes--have plagued most new releases of Microsoft Windows and Office products, Netscape Navigator, Intuit's Quicken, and countless other personal-computer applications. Glitches have crippled online auctions and trading sites and delayed product shipments at Hershey (HSY), Whirlpool (WHR), and Handspring, maker of Visor palm computers. All told, bad software cost U.S. businesses $85 billion in lost productivity last year, according to Jim Johnson, president of market researcher The Standish Group in Dennis, Mass.� [...] whole article here: http://www.businessweek.com/1999/99_49/b3658015.htm Preben -- �Don't use C; In my opinion, C is a library programming language not an app programming language.� - Owen Taylor (GTK+ developer) Use Ada 95, a free language. More info at http://www.adapower.com/