From: John Ames
Newsgroups: comp.os.linux.misc
Subject: Re: VMS
Date: Fri, 25 Jul 2025 10:39:40 -0700

On Fri, 25 Jul 2025 07:06:27 +0100
Pancho wrote:

> You keep making overly dogmatic comments about over speccing in order
> to avoid errors.

Yes, because that was the root of this conversation, the argument that
over-speccing *in hopes of warding off bounds errors* is a *good idea,*
an argument with which I *fervently* disagree. Disregard for & magical
thinking wrt. to this specific issue has *always* been a cause of
mayhem, and it's not an exaggeration to say that the majority of
catastrophic IT failures in the last few decades, from the Morris worm
to the CrowdStrike outage, are due to carelessness on *this specific
issue.* It is not outside the realm of possibility that people have
*died* as a consequence.

I have zero shame in being dogmatic here - BOUNDS-CHECK YOUR DAMN
BUFFERS. (Or design such that boundary errors are a 101% can't-happen
thing, if you can - but for the love of all that is good and holy,
*don't* just leave yourself extra room to appease the fairies and
figure "eh, it'll be fine," especially with anything network-facing.)

> The fundamental metric to judge software is usefulness. That is why
> we have so much buggy code, people want code that does stuff rather
> than code that is perfectly bug free but doesn't do as much.

I can to a certain extent appreciate the worse-is-better mindset, in
that it is often (but not *always*) better to have an imperfect
solution than no solution at all. But *far* too many developers treat
that as an excuse to not really bother in the first place.

The HN story linked elsewhere in the thread is a perfect example of
where that kind of thinking can lead: personal information on hundreds
or thousands of users, *including live GPS data,* accessible to anyone
with a modest knowledge of exploit tactics and a couple free
afternoons, because some dingbat newbie cared more about Just Shipping
than assessing his own *rampant* design vulnerabilities.

While I have no doubt that every single person here is more competent
than the "vibe coder" in that story, that still doesn't excuse careless
thinking; and while the potential for harm is less catastrophic in some
personal project or business-specific utility than a public-facing
social-networking whichijig, it's easy to underestimate the lifespan
and reach of any piece of code - especially in the freenix world, where
it's actually incredibly common for larger, more widely-used libraries
and tools to be built on the back of what were originally small private
projects. For the love of Mike, the last decade saw breaking changes to
*ncurses,* a Clinton-era update of a package birthed the same year the
Gipper rolled into the White House.

> Fortunately I don't develop SSL, chip microcode or aircraft
> controllers. People accept my code falls over occasionally.

To be perfectly frank, it's *very* fortunate that you don't develop
aircraft controllers.

> This is the way structural engineering works. Bridge building etc.

Funny you should cite bridge-building. As a friend once observed:

"The Romans made their architects stand under the arches they designed
while the keystone was put in place and the supports removed. The
Romans built bridges that stayed the #&@! up."
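
An added illustration of the bounds-check argument in the post above (not part of the original post or thread): a C routine for a hypothetical 2-byte length-prefixed field that checks the sender's claimed length against both the bytes actually received and the destination capacity, next to a helper showing that a 4x over-sized buffer still loses to a 16-bit length field. The wire format, names and sizes are all assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EXPECTED_MAX 64                 /* largest field the sender "should" use */
#define PADDED_CAP   (EXPECTED_MAX * 4) /* the over-specced buffer: 4x headroom */

enum copy_status { COPY_OK = 0, COPY_TRUNCATED_INPUT = -1, COPY_TOO_LONG = -2 };

/* Padding only moves the failure point: the length field is 16 bits, so the
 * sender can claim up to 65535 bytes and some value always exceeds the slack. */
int padding_is_enough(size_t claimed_len)
{
    return claimed_len <= PADDED_CAP;
}

/* Assumed wire format: 2-byte big-endian length, then that many payload bytes.
 * The claimed length is validated against BOTH the bytes actually received
 * (no over-read of msg) and the destination capacity (no overflow of dst). */
int copy_field_checked(uint8_t *dst, size_t dst_cap,
                       const uint8_t *msg, size_t msg_len, size_t *copied)
{
    size_t claimed;

    if (msg_len < 2)
        return COPY_TRUNCATED_INPUT;      /* not even a full length prefix */
    claimed = ((size_t)msg[0] << 8) | msg[1];
    if (claimed > msg_len - 2)
        return COPY_TRUNCATED_INPUT;      /* sender claims more than it sent */
    if (claimed > dst_cap)
        return COPY_TOO_LONG;             /* would run past the end of dst */
    memcpy(dst, msg + 2, claimed);
    *copied = claimed;
    return COPY_OK;
}

int main(void)
{
    /* Constructed input: claims 300 bytes (0x012C) but carries only one. */
    uint8_t dst[EXPECTED_MAX], msg[] = {0x01, 0x2C, 'x'};
    size_t n = 0;

    printf("padding enough: %d, checked copy: %d\n", padding_is_enough(300),
           copy_field_checked(dst, sizeof dst, msg, sizeof msg, &n));
    return 0;
}
```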