[SystemSafety] Fwd: Re: OpenSSL Bug

From: Peter Bernard Ladkin < >
Date: Thu, 10 Apr 2014 22:25:49 +0200


A little more on part of my last.

On 2014-04-10 21:19 , Peter Bernard Ladkin wrote:

> On 2014-04-10 21:06 , Derek M Jones wrote:

>> There is no discontinuity that distinguishes weak/strong typing, it is
>> a continuum. Good luck reaching general agreement on where to draw
>> the line.

Oh, there are obvious ways. Suppose we made it a crime, punishable by hanging, drawing and quartering, to release in any form for use by the public code that is not "type-conform".

I bet we would agree, in a one-day convention for professional SW engineers, what "type-conform" means. Firmly.

After all, two of Britain's Turing Award winners have contributed to the design of practical programming languages that were explicitly, rigorously type-conform. It can't be that hard. We can, after all, as a society more or less agree on what counts as accessory to murder, even if helping a loved one to fulfil a wish to die is a very difficult boundary case.

The confidential financial information of a large proportion of the British population has just been declared as compromised. This is just one of the consequences. If we computer scientists are lucky, the majority will shrug their shoulders at this, as before. But one day they'll receive their credit card statements, and there will be millions of them, and they'll all see obvious evidence of fraud.

How much provocation do you think it will take before, say, the government of the day decides to intervene? How much confidence do you have that Oxford's best PPE graduates will be able to decide better than computer scientists what "type conform" consists in, and make it a crime to supply code that is not so conform?

Isn't it far better for us computer scientists to agree what "type conform" means, to admit that non-type-conform SW has caused endless problems, and to demonstrate progress in addressing the scourge of non-type-conformity before the politicians decide to intervene?

PBL Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de



The System Safety Mailing List
systemsafety_at_xxxxxx Received on Thu Apr 10 2014 - 22:26:09 CEST

This archive was generated by hypermail 2.3.0 : Sun Feb 17 2019 - 17:17:06 CET