[SystemSafety] OpenSSL Bug

Steve Tockey Steve.Tockey at construx.com
Thu Apr 10 23:06:58 CEST 2014


"... through societal processes, often spurred by the legal system."

Which, history seems to indicate, was driven by some significant failure
of some sort. So, to get back to PBL's original question, "Isn't it time
we started a serious, when necessary aggressive, campaign against this
kind of software malpractice?", this is the kind of failure that leads to
the societal processes and the spurring of the legal systems. Just wait
for someone to be able to prove that they lost a ton of money from their
bank accounts due to the SSL defect and then turn around and sue the pants
off whoever shipped that SSL code. Same for any of the recent spate of
defects.

People generally haven't cared about defective software until now because
the defects didn't cause significant harm to them, personally. But now
it's getting personal.

Developers and their corporations haven't cared because their customers
haven't cared. All that's changing now.

And, I should add, this is part of the reason that many of us involved in
the SWEBOK Guide effort (and related efforts) have been at it for so many
years. When the proverbial crap hits the fan--and it's getting really
close to doing exactly that--the software industry needs to have a damn
good story about what changes are needed. Without that good story, the
governments will take a stab and throw something obnoxious at us. With
things like SWEBOK Guide, we hope to be prepared in advance with a
reasonable, meaningful solution.

On the topic of strongly typed vs. weakly typed languages, there are
advantages and disadvantages to each. The issue isn't at all the tool. The
issue is the intelligence and professionalism of the tool user. Don't
blame C; even in a strongly typed language, sometimes the type ranges need
to be declared wide enough that things like this still happen. Blame the
idiot programmer for not understanding design by contract, code semantics,
etc. and for not putting in a range check that would be appropriate for
that point in the execution. Blame the lazy, stupid, incompetent, ...
programmer, not the language.

And, please, stop calling them "bugs" in the first place. The term is
simply too cute and de-emphasizes the seriousness of the situation. It's a
DEFECT, plain and simple. Call it that. In fact, a consultant friend of
mine recommends we don't even call them "defects". He says, "Call them
what they really are: programmer malpractice".


-- steve


-----Original Message-----
From: "C. Michael Holloway" <c.m.holloway at nasa.gov>
Organization: NASA Langley Research Center
Date: Thursday, April 10, 2014 1:49 PM
To: "systemsafety at lists.techfak.uni-bielefeld.de"
<systemsafety at lists.techfak.uni-bielefeld.de>
Subject: Re: [SystemSafety] OpenSSL Bug

On whom the burden of proof lies is rarely a technical question.  Or to
be more precise, rarely, if ever, do the technical experts in any field
answer the question for the world.  Rather history seems to show that
the answer changes over time through societal processes, often spurred
by the legal system.

On 4/10/14 4:25 PM, Martyn Thomas wrote:
> Does anyone know of any empirical studies showing the benefits of not
> riding a bicycle round Hyde Park Corner with your hands in your pockets?
>
> If there aren't any, would that be a good reason to avoid criticising my
> children if I see them doing this?
>
> It seems to me that the burden of proof lies on the people who want to
> argue that such practices are safe.
>
> Martyn
>
>
>
> On 10/04/2014 20:06, Derek M Jones wrote:
>> Incidentally there is almost no empirical evidence for the benefits
>> of using a language having stronger typing.  There are a few studies
>> using students on really small problems.  Pointers to good studies
>> welcome.
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
>
>
