From: "Warren W. Gay VE3WWG"
Newsgroups: comp.lang.ada,comp.lang.c,comp.lang.c++
Subject: Re: How Ada could have prevented the Red Code distributed denial of service attack.
Date: Thu, 09 Aug 2001 05:48:10 GMT
Message-ID: <3B722420.9E27A988@home.com>

Chris Wolfe wrote:
> "Warren W. Gay VE3WWG" wrote:
> > Chris Wolfe wrote:
> > I suppose you're simply offended by the "_cannot_" remark. Yes, I
> > suppose that it _is_ possible for a C++ compiler to generate runtime
> > checks, and even do some limited compile time static checks. But that
> > is not the general experience.
>
> Yes, I am offended by a statement that (insert stereotype here).

Noted :)

> So why not compare _comparable_ things: like a C++ compiler and
> library designed with safety in mind against Ada. Rather than a
> family of languages and libraries designed with ease of
> implementation and speed in mind? Ah right, that would leave the
> choice to personal preference in syntax and flexibility.

I am comparing comparable things. You talk of rare versions of things
in C++, whereas in the norm, the protections you talk about, are not
there. As someone else pointed out, even the GCC with the patches
installed for doing array bounds is not only very limited, but shaky
as well (bugs).

> > Ok, you can build classes to do array work. In Ada, this is totally
> > unnecessary for the same level of safety (the safety is inherent
> > in the language).
>
> The compiler inserts the code provided by the Array template into
> all your code automatically. I wear a seat belt, those who choose
> to do otherwise...

I can believe that, if I could only believe that you never used
regular arrays. I've seen enough C++ code to know better than to
trust that no bare naked arrays of characters, ints, or whatever gets
coded in C++. But every C++ fan seems to side-step that issue.

> > But my point was, that you won't use this array
> > when interfacing to pipe(2). You can, and _you_ might, but a lot
> > of C++ people will not.
>
> So we do the Ada thing: throw away the flexibility of the
> language to force everyone to play safe. In case you missed it,
> most C++ compilers also provide support for inline assembler: A)
> if I need it, I can get it. B) if I don't need it, I can stick
> with the safer stuff.

Ada has a very different philosophy. I'd rather have the safety over
flexibility on flight software! I don't care what your credentials
are ;-)

Frankly, I'd say the same about my mutual fund account, bank account
or mortgage too. Safety is not somebody else's problem any more. It
should be everyone's concern.

> > 2. You now have to prove that your Class Posix is fault free
> > before you put it on an aircraft or in a medical instrument.
>
> Duh, and this was somehow skipped when producing the Ada
> libraries? I somehow fail to believe that Ada circumvents bugs in
> the functions provided by my operating system.

Duh, but you can be assured that all Ada references to the "wrapper
class" arrays _are_ checked. So there. ;-)

The combination of knowing the compiler is checking everything, and
the fact that Ada is designed to be audited, makes it much easier to
say that it is "flight ready".

> > You know that it's easy to defend what you know and use. It's
> > harder to say "maybe there's something there that I should at
> > least know more about."
>
> When coming from a VB and Pascal background Ada looked like a
> natural extension. Fortunately I looked at C one day and said
> "maybe there's something there that I should at least know more
> about." That led to C++, which led to moving many of the useful
> Ada concepts into classes and templates. Flexibility, conciseness
> and widespread use. Oh yes, and my seat belt.

But your seat belt is a little more like a piece of string. ;-)

--
Warren W. Gay VE3WWG
http://members.home.net/ve3wwg