Groups | Search | Server Info | Login | Register
Groups > comp.os.linux.misc > #69906
| From | John Ames <commodorejohn@gmail.com> |
|---|---|
| Newsgroups | comp.os.linux.misc |
| Subject | Re: VMS |
| Date | 2025-07-25 10:39 -0700 |
| Organization | A noiseless patient Spider |
| Message-ID | <20250725103940.0000789d@gmail.com> (permalink) |
| References | (19 earlier) <105rr9k$fslf$1@dont-email.me> <20250724080540.00004f57@gmail.com> <wwvh5z1z50z.fsf@LkoBDZeT.terraraq.uk> <20250724150625.00005a29@gmail.com> <105v6t4$1rec2$1@dont-email.me> |
On Fri, 25 Jul 2025 07:06:27 +0100 Pancho <Pancho.Jones@protonmail.com> wrote: > You keep making overly dogmatic comments about over speccing in order > to avoid errors. Yes, because that was the root of this conversation, the argument that over-speccing *in hopes of warding off bounds errors* is a *good idea,* an argument with which I *fervently* disagree. Disregard for & magical thinking wrt. to this specific issue has *always* been a cause of mayhem, and it's not an exaggeration to say that the majority of catastrophic IT failures in the last few decades, from the Morris worm to the CrowdStrike outage, are due to carelessness on *this specific issue.* It is not outside the realm of possibility that people have *died* as a consequence. I have zero shame in being dogmatic here - BOUNDS-CHECK YOUR DAMN BUFFERS. (Or design such that boundary errors are a 101% can't-happen thing, if you can - but for the love of all that is good and holy, *don't* just leave yourself extra room to appease the fairies and figure "eh, it'll be fine," especially with anything network-facing.) > The fundamental metric to judge software is usefulness. That is why > we have so much buggy code, people want code that does stuff rather > than code that is perfectly bug free but doesn't do as much. I can to a certain extent appreciate the worse-is-better mindset, in that it is often (but not *always*) better to have an imperfect solution than no solution at all. But *far* too many developers treat that as an excuse to not really bother in the first place. The HN story linked elsewhere in the thread is a perfect example of where that kind of thinking can lead: personal information on hundreds or thousands of users, *including live GPS data,* accessible to anyone with a modest knowledge of exploit tactics and a couple free afternoons, because some dingbat newbie cared more about Just Shipping than assessing his own *rampant* design vulnerabilities. While I have no doubt that every single person here is more competent than the "vibe coder" in that story, that still doesn't excuse careless thinking; and while the potential for harm is less catastrophic in some personal project or business-specific utility than a public-facing social-networking whichijig, it's easy to underestimate the lifespan and reach of any piece of code - especially in the freenix world, where it's actually incredibly common for larger, more widely-used libraries and tools to be built on the back of what were originally small private projects. For the love of Mike, the last decade saw breaking changes to *ncurses,* a Clinton-era update of a package birthed the same year the Gipper rolled into the White House. > Fortunately I don't develop SSL, chip microcode or aircraft > controllers. People accept my code falls over occasionally. To be perfectly frank, it's *very* fortunate that you don't develop aircraft controllers. > This is the way structural engineering works. Bridge building etc. Funny you should cite bridge-building. As a friend once observed: "The Romans made their architects stand under the arches they designed while the keystone was put in place and the supports removed. The Romans built bridges that stayed the #&@! up."
Back to comp.os.linux.misc | Previous | Next — Previous in thread | Next in thread | Find similar
Re: VMS Rich <rich@example.invalid> - 2025-07-20 14:37 +0000
Re: VMS Richard Kettlewell <invalid@invalid.invalid> - 2025-07-21 08:42 +0100
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-21 09:12 -0700
Re: VMS Pancho <Pancho.Jones@protonmail.com> - 2025-07-21 18:44 +0100
Re: VMS Richard Kettlewell <invalid@invalid.invalid> - 2025-07-21 20:47 +0100
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-21 13:31 -0700
Re: VMS Pancho <Pancho.Jones@protonmail.com> - 2025-07-23 07:22 +0100
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-23 08:04 -0700
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-23 08:44 -0700
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-23 20:04 +0100
Re: VMS rbowman <bowman@montana.com> - 2025-07-23 22:47 +0000
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-24 09:56 +0100
Re: VMS Pancho <Pancho.Jones@protonmail.com> - 2025-07-23 21:53 +0100
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-23 14:28 -0700
Re: VMS Pancho <Pancho.Jones@protonmail.com> - 2025-07-24 00:29 +0100
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-24 08:05 -0700
Re: VMS Richard Kettlewell <invalid@invalid.invalid> - 2025-07-24 21:51 +0100
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-24 15:06 -0700
Re: VMS Pancho <Pancho.Jones@protonmail.com> - 2025-07-25 07:06 +0100
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-25 10:39 -0700
Re: VMS Pancho <Pancho.Jones@protonmail.com> - 2025-07-26 17:54 +0100
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-26 18:02 +0100
Re: VMS Robert Riches <spamtrap42@jacob21819.net> - 2025-07-27 04:04 +0000
Re: VMS c186282 <c186282@nnada.net> - 2025-07-27 01:50 -0400
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-27 12:07 +0100
Re: VMS Pancho <Pancho.Jones@protonmail.com> - 2025-07-27 10:23 +0100
Re: VMS Richard Kettlewell <invalid@invalid.invalid> - 2025-07-27 10:55 +0100
Re: VMS c186282 <c186282@nnada.net> - 2025-07-27 21:23 -0400
Re: VMS rbowman <bowman@montana.com> - 2025-07-28 04:45 +0000
Re: VMS c186282 <c186282@nnada.net> - 2025-07-28 02:14 -0400
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-28 13:48 +0100
Re: VMS rbowman <bowman@montana.com> - 2025-07-28 20:38 +0000
Re: VMS rbowman <bowman@montana.com> - 2025-07-28 20:32 +0000
Re: VMS Bobbie Sellers <bliss-sf4ever@dslextreme.com> - 2025-07-28 14:17 -0700
Re: VMS rbowman <bowman@montana.com> - 2025-07-29 05:08 +0000
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-28 13:44 +0100
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-28 13:39 +0100
Re: VMS Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-07-29 01:03 +0000
Re: VMS rbowman <bowman@montana.com> - 2025-07-29 05:29 +0000
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-29 11:42 +0100
Re: VMS rbowman <bowman@montana.com> - 2025-07-29 19:16 +0000
Re: VMS Pancho <Pancho.Jones@protonmail.com> - 2025-07-29 12:10 +0100
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-29 13:08 +0100
Re: VMS Bobbie Sellers <bliss-sf4ever@dslextreme.com> - 2025-07-29 09:51 -0700
Re: VMS rbowman <bowman@montana.com> - 2025-07-29 18:53 +0000
Re: VMS c186282 <c186282@nnada.net> - 2025-07-29 04:51 -0400
Re: VMS Rich <rich@example.invalid> - 2025-07-29 13:32 +0000
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-28 09:22 -0700
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-27 12:11 +0100
Re: VMS Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-07-27 22:02 +0000
Re: VMS rbowman <bowman@montana.com> - 2025-07-28 04:58 +0000
Re: VMS Stéphane CARPENTIER <sc@fiat-linux.fr> - 2025-08-01 19:13 +0000
Re: VMS Lew Pitcher <lew.pitcher@digitalfreehold.ca> - 2025-08-01 20:38 +0000
Re: VMS Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-02 00:01 +0000
Re: VMS c186282 <c186282@nnada.net> - 2025-08-02 02:24 -0400
Re: VMS Pancho <Pancho.Jones@protonmail.com> - 2025-08-02 11:34 +0100
Re: VMS c186282 <c186282@nnada.net> - 2025-08-02 21:02 -0400
Re: VMS Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-03 02:08 +0000
Re: VMS c186282 <c186282@nnada.net> - 2025-08-03 01:00 -0400
Re: VMS c186282 <c186282@nnada.net> - 2025-07-27 21:31 -0400
Re: VMS rbowman <bowman@montana.com> - 2025-07-28 05:03 +0000
Re: VMS c186282 <c186282@nnada.net> - 2025-07-28 02:19 -0400
Re: VMS c186282 <c186282@nnada.net> - 2025-07-27 21:09 -0400
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-28 10:17 -0700
Re: VMS rbowman <bowman@montana.com> - 2025-07-28 20:46 +0000
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-28 14:34 -0700
Re: VMS Charlie Gibbs <cgibbs@kltpzyxm.invalid> - 2025-07-28 16:34 +0000
Re: VMS rbowman <bowman@montana.com> - 2025-07-28 20:48 +0000
Re: VMS Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-07-29 01:00 +0000
Re: VMS Pancho <Pancho.Jones@protonmail.com> - 2025-07-29 10:07 +0100
Re: VMS Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-07-29 23:05 +0000
Re: VMS c186282 <c186282@nnada.net> - 2025-07-30 02:43 -0400
Re: VMS Andreas Eder <a_eder_muc@web.de> - 2025-08-02 18:11 +0200
Re: VMS Charlie Gibbs <cgibbs@kltpzyxm.invalid> - 2025-07-24 14:42 +0000
Re: VMS rbowman <bowman@montana.com> - 2025-07-24 18:05 +0000
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-24 11:14 -0700
Re: VMS rbowman <bowman@montana.com> - 2025-07-24 23:10 +0000
Re: VMS Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-07-24 21:16 +0000
Re: VMS rbowman <bowman@montana.com> - 2025-07-24 23:21 +0000
Re: VMS John Ames <commodorejohn@gmail.com> - 2025-07-21 14:05 -0700
Re: VMS Charlie Gibbs <cgibbs@kltpzyxm.invalid> - 2025-07-21 21:14 +0000
Re: VMS The Natural Philosopher <tnp@invalid.invalid> - 2025-07-21 22:19 +0100
Re: VMS rbowman <bowman@montana.com> - 2025-07-22 02:10 +0000
csiph-web