
Bad for OSS/FS? Certainly no evidence that proprietary will save us!

Posted Sep 17, 2003 20:38 UTC (Wed) by proski (subscriber, #104)
In reply to: Bad for OSS/FS? Certainly no evidence that proprietary will save us! by dwheeler
Parent article: Remotely exploitable sendmail vulnerability

The notion that a particular development approach makes developers immune from flaws is absurd.
It's absurd to make such blanket statements. There are methods for formal software verification of software against the specification. They may be time consuming and impractical for today's real life projects, but progress is being made. When it comes to software like ssh and mail software, there is so much at stake that I expect some of those methods to be used in the near future if they are not being used already.

Software used on life support systems or power plants doesn't just need to be "best in class", it needs to meet the specification. Some attackers are not as stupid as the bear from your story. They aim at the most protected systems to maximize damage, not at the easiest system to break into.



Bad for OSS/FS? Certainly no evidence that proprietary will save us!

Posted Sep 18, 2003 1:41 UTC (Thu) by jtc (subscriber, #6246) [Link]

There are methods for formal software verification of software against the specification.

And there are languages that provide advanced features to support formal verification, such as Eiffel, with its unique programming-by-contract mechanism. Unfortunately, most developers, even very skilled and talented ones, tend to be set in their ways and would often rather stick with the tools they're used to rather than look for something that may be more effective for the job at hand.

Bad for OSS/FS? Certainly no evidence that proprietary will save us!

Posted Sep 18, 2003 3:03 UTC (Thu) by arcticwolf (guest, #8341) [Link]

Unfortunately, though, verifying (and proving) that the source code of a program is correct is not enough; you also need to verify both the source *and* the machine code of the compiler being used if you definitely want to be on the safe side. There was an interesting demonstration of this a couple of years ago; I don't recall who did it anymore right now, but with a bit of Googling, it should be possible to find out.

Bad for OSS/FS? Certainly no evidence that proprietary will save us!

Posted Sep 18, 2003 15:31 UTC (Thu) by proski (subscriber, #104) [Link]

True, but that's the easier part. Verification of logic is much harder than checks to prevent deliberate contamination of the toolchain.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds