It fixes that specific instance, but not the general problem. Pointers can alias each other in many possible ways, and you can't detect them all. It can happen as a buffer overrun bug exploited from another routine, or even from an external machine.
Either your software can detect the sendmail bug or else it must disallow software "like" sendmail. Assuming the former, if you can verify x86 code, you should be able to scan Linux for ALL possible exploits and make it 100% secure.
Which would be cool, but somehow I remain doubtful. Or are you saying that you *could* do this, but it would take several lifetimes to run?;)
In C++, this changes a virtual function in an objects vftab to some constant. Elsewhere in my program I call through this virtual function pointer into a segment of code in the _DATA region of the program.
How would you verify, or detect, a case like this? It's a darling of pointer aliasing and data-as-code. If you have a method, I'm impressed;)
Object-oriented bytecode is verifiable because it doesn't have loose cannons like pointers to functions. Once you have pointers to functions, it seems you can create an insoluble program flow quite trivially.
No mention there what the matter with that poor kid was, though. It could have been genetic engineering or clone research. It could have been any number of natural causes. Do we get any hints?;)
In theory. It works with libraries which have well-defined interfaces and behaviors, and in companies which value documentation (those exist, right?;)
But if the code was good enough that it (a) had no implementation "features" and (b) had a well-defined interface, then it probably didn't need rewriting in the first place;)
That's the problem with a lot of "real-world" code - it's grown beyond its original spec and the implementation now contains the *only* definitive statement of what the code does.
I agree with you in theory, though, and I wish I programmed in that world;)
Man, you leave school and there are 6 continents and next thing you know there are 7 and they renamed them! I expect it depends a lot on where you live - in the UK no-one talks about "Eurasia";)
Never been in a company where people would leave rather than work on the existing codebase? At times like that, management might reconsider. And if it's going to take such a dire emergency before they do consider rewriting the codebase, they're lousy managers.
It says to me that either they're strapped for resources (studying privacy is much harder than studying privacy policies) or that they're being dishonest. Occam's Razor suggests the first.
You're being too kind. If they are prepared to publish a study like this, done while being strapped for resources, they are being dishonest.
You don't need a union to organize. If there's a problem with management, you can bet people have noticed. Emailing everyone in the company except the boss is trivial these days. I've organized plenty of uprisings in my time, albeit at fairly small companies.
I can't speak for other C++ coders - there are a lot out there, with varying degrees of aptitude. I advice writing any code clearly, but there's plenty of coders (in all languages) who don't!
I agree that comments are very important in external headers, and I usually try to give an overview of the class and its purpose. If you don't have the class source code, this is of course vital.
Code should definitely have *some* comments. I just mean that the ideal amount of English compared with code can be much lower, depending on which language you're using. In essence, the purpose of higher-level languages is to express the code in a way that's closer to English - so less English comments should be necessary.
What I don't want to see is a comment which would be redundant, if only it matched the code. Or crap like this:
a += 1;// increment a
I think my opinions are close to those of Stroustrup. He has spent more time explaining them than I can. I agree with more of what he says than I disagree with. And he did invent C++!
Access to computing -- to RPG and other forms of gaming
... can be had on a $200 games consoles which more of the poorer families can and do afford.
Quite how this shapes anything other than the kid's free time is beyond me, but in Katz's world it seems that it's more important that kids listen to illegally-downloaded MP3s, play video games and read trashy news sites like this, than it is for them to do their homework, interact with their parents and friends, and learn some resource management skills.
Can you imagine what an obnoxious spoilt brat Katz's kid would be if he had one?
Yeah, isn't it terrible how someone with a good business idea but no money can go out and find someone willing to take a risk on his idea and possibly make him rich. If it weren't for VC, *everything* would be done by megacorporations.
Hey, can I put a commercial for myself on Slashdot? Please! I could talk about what got me into programming, then when they've taken the bait I can switch and start selling myself as a consultant.;)
Nothing is more mysterious in politics than why some issues capture the imagination of idealistic people like college students -- sweatshops in Latin America, for example -- and some don't, like the enormous gap in computer use and Net access between poor and rich kids.
It's not mysterious.
Sweatshops in Latin America involve real human suffering which even non-idealistic people wish to put a stop to.
The gap in computer use is a trivial fact which is easily explained in terms of pricing and doesn't cause any actual suffering. It's something only middle-class internet users give a fuck about.
It seems our "idealistic college students" have their priorities a lot straighter than our 50-year-old hack journalists.
I agree that comments are useful, but too many comments isn't a good thing either.
Firstly, comments are often not maintained. You can say this is the fault of the maintainer, but with the best will in the world mistakes happen.
Secondly, plenty of people write tons of comments but their code is still unreadable. Code should be clear, concise and shouldn't use tricks of the language like:
if (a = (b == c))
Adding a comment to excuse bad coding style is awful... it's better to write the code better and lose the comment.
The aim, in my opinion, is for self-documenting code. This is impossible in assembler. It's very difficult in C. But once you migrate to C++, then if you have a good design and good names you need very few comments. Most short methods don't require any comments at all, and adding superfluous comments is worse IMHO than having none - they get out of sync with the code.
Your analysis that people who don't comment are "lazy, sloppy, and [don't] care whether or not [their] code is maintainable" is unfair in cases like this. When using a language like C++, too many comments is often a sign of bad design.
Oh, and there are programmers who don't comment their code because they understand it so well. I work with one. He has a photographic memory, and actually can remember how code he wrote 5 years ago works. It's a pain working with him, but I still wouldn't describe his as lazy or sloppy - just hard to work with!
Slashdot Mirror
No thanks, one can only handle so many Microsoft jokes ;)
Either your software can detect the sendmail bug or else it must disallow software "like" sendmail. Assuming the former, if you can verify x86 code, you should be able to scan Linux for ALL possible exploits and make it 100% secure.
Which would be cool, but somehow I remain doubtful. Or are you saying that you *could* do this, but it would take several lifetimes to run? ;)
How would you verify, or detect, a case like this? It's a darling of pointer aliasing and data-as-code. If you have a method, I'm impressed ;)
Object-oriented bytecode is verifiable because it doesn't have loose cannons like pointers to functions. Once you have pointers to functions, it seems you can create an insoluble program flow quite trivially.
No mention there what the matter with that poor kid was, though. It could have been genetic engineering or clone research. It could have been any number of natural causes. Do we get any hints? ;)
Well, I could have told you that ;)
Cloning people isn't science. It's engineering.
Aaaaaaaaaaaaagh! ;)
But if the code was good enough that it (a) had no implementation "features" and (b) had a well-defined interface, then it probably didn't need rewriting in the first place ;)
That's the problem with a lot of "real-world" code - it's grown beyond its original spec and the implementation now contains the *only* definitive statement of what the code does.
I agree with you in theory, though, and I wish I programmed in that world ;)
People joke around on this site. Take it like a man.
Man, you leave school and there are 6 continents and next thing you know there are 7 and they renamed them! I expect it depends a lot on where you live - in the UK no-one talks about "Eurasia" ;)
Never been in a company where people would leave rather than work on the existing codebase? At times like that, management might reconsider. And if it's going to take such a dire emergency before they do consider rewriting the codebase, they're lousy managers.
Tell me, how can you rewrite a piece of code before you understand it? ;)
Australasia's a continent; Australia is an island.
I'm only replying to say thanks - I should listen to my Operation Mindcrime CD again. I'd forgotten what a top album that is.
You're being too kind. If they are prepared to publish a study like this, done while being strapped for resources, they are being dishonest.
You don't need a union to organize. If there's a problem with management, you can bet people have noticed. Emailing everyone in the company except the boss is trivial these days. I've organized plenty of uprisings in my time, albeit at fairly small companies.
I take your point, but which is more likely to lead to interoperability problems:
I think that more of the GPL code could and should be LGPL'd, precisely to improve interoperability.
I agree that comments are very important in external headers, and I usually try to give an overview of the class and its purpose. If you don't have the class source code, this is of course vital.
Code should definitely have *some* comments. I just mean that the ideal amount of English compared with code can be much lower, depending on which language you're using. In essence, the purpose of higher-level languages is to express the code in a way that's closer to English - so less English comments should be necessary.
What I don't want to see is a comment which would be redundant, if only it matched the code. Or crap like this:
a += 1; // increment a
I think my opinions are close to those of Stroustrup. He has spent more time explaining them than I can. I agree with more of what he says than I disagree with. And he did invent C++!
Quite how this shapes anything other than the kid's free time is beyond me, but in Katz's world it seems that it's more important that kids listen to illegally-downloaded MP3s, play video games and read trashy news sites like this, than it is for them to do their homework, interact with their parents and friends, and learn some resource management skills.
Can you imagine what an obnoxious spoilt brat Katz's kid would be if he had one?
Yeah, isn't it terrible how someone with a good business idea but no money can go out and find someone willing to take a risk on his idea and possibly make him rich. If it weren't for VC, *everything* would be done by megacorporations.
What's a boycott is if it's not a threat?
Those engineers at DirecTV are pretty smart cookies. And they have a sense of humor. I like that!
Hey, can I put a commercial for myself on Slashdot? Please! I could talk about what got me into programming, then when they've taken the bait I can switch and start selling myself as a consultant. ;)
It's not mysterious.
Sweatshops in Latin America involve real human suffering which even non-idealistic people wish to put a stop to.
The gap in computer use is a trivial fact which is easily explained in terms of pricing and doesn't cause any actual suffering. It's something only middle-class internet users give a fuck about.
It seems our "idealistic college students" have their priorities a lot straighter than our 50-year-old hack journalists.
Firstly, comments are often not maintained. You can say this is the fault of the maintainer, but with the best will in the world mistakes happen.
Secondly, plenty of people write tons of comments but their code is still unreadable. Code should be clear, concise and shouldn't use tricks of the language like:
if (a = (b == c))
Adding a comment to excuse bad coding style is awful ... it's better to write the code better and lose the comment.
The aim, in my opinion, is for self-documenting code. This is impossible in assembler. It's very difficult in C. But once you migrate to C++, then if you have a good design and good names you need very few comments. Most short methods don't require any comments at all, and adding superfluous comments is worse IMHO than having none - they get out of sync with the code.
Your analysis that people who don't comment are "lazy, sloppy, and [don't] care whether or not [their] code is maintainable" is unfair in cases like this. When using a language like C++, too many comments is often a sign of bad design.
Oh, and there are programmers who don't comment their code because they understand it so well. I work with one. He has a photographic memory, and actually can remember how code he wrote 5 years ago works. It's a pain working with him, but I still wouldn't describe his as lazy or sloppy - just hard to work with!