Re: ClearSoftware

From: Karl Auerbach <karl_at_cavebear_dot_com>
Date: Thu Sep 06 2007 - 19:54:28 CDT

emanuele lombardi wrote:

Regarding your main point - whether a computer is running the right
software load is a good one. But on the other hand, there is a
reflexive issue - is the machine underneath the software the machine
that the software is expecting to use? I can just as easily bugger s
voting machine by mis-feeding touchscreen coordinates to the code as I
can by changing the code itself.

But you said one thing that kinda triggered my neurons:

> We all know that Open Source ensures verifiability of software

I *strongly* disagree.

I work with open source every day. Much of it doesn't even rise to the
level of being worthy to be labeled as garbage. This is particularly
true when one considers moving open source into a new environment, such
as when one goes to a system with an embedded processor; most
programmers today have nary a clue about how processors differ; that's
why we saw the laughable event when one canvassing system started
counting backwards when it hit 32768 votes. Some naive programmer
didn't realize that for many C compilers the number of bits in "int"
(and unsigned int) are machine dependent.

I often chose to ignore an open source package because it is so badly
done, badly documented, full of memory leaks, buggy, or ill conceived
that it is simply easier, cheaper, and safer to do a rewrite, from scratch.

By-the-way, If we are looking for code with longer than a 30 year
lifespan the coders should be aware of a serious data typing problem -
the 03:14:07 UTC January 19, 2038 boundary - See

