funsec mailing list archives

Re: simple question


From: Dan Kaminsky <dan () doxpara com>
Date: Mon, 7 Dec 2009 02:49:41 -0800

On Sun, Dec 6, 2009 at 8:46 PM, Tomas L. Byrnes <tomb () byrneit net> wrote:

 I used unconverted assignments on Digital Research f77 under CCP/M 3.1d
on iAPx 286 chipsets with regularity, and effect, in the early ‘80s.



And after that, I was thankful to never use Fortran again.



The bigger point is that the code is garbage, the data not much better (at
least according to the comments, because we can’t see the data), and the
researchers have clearly been actively hiding the facts from public view.



It’s high time for the Open Source and Free Software ethos to dominate
something on which so much of the future of mankind rests.



I, for one, donated lots of CPU time to the BBC climate modeling BOINC
project. I think the idea that there isn’t enough computing, never mind
brain, power out there to do this right is complete bunk.



Let the science produce the result it will, whatever that may be, but let
it at least be proper science, with the best current practices in all
relevant fields being applied. Then, after the climate models are as near to
unimpeachable as can be (and models can do pretty well, as the auto makers
have shown), we can have the debate about the costs of various courses of
action relative to their benefits and risks.



Until we have a model that would pass muster for simulating the Coefficient
of Drag of an automobile (and as far as I can see the CRU climate model
doesn’t), how can we base any major public policy decisions on it?




OK, reality check:

1) Most code is crap.  Most commercial code is crap.  Most open source is
crap.  People don't really die from bad code (far more people are
killed crashing through windows than by crashing windows) and that's pretty
much the only thing that drives engineering standards.
2) The fewer people are expected to run code, the crappier it is.  Doesn't
matter how important it is.
3) Crappy, inelegant code runs the world.
4) Security is changing 1-3, but very slowly, and only in places where
there's attack surface being actively exploited.
5) Your one piece of concrete judgement on this code was (to be generous) an
untested assertion, which has been handily dismissed.  Do you have a
concrete complaint remaining?
6) There's a revolution in data sharing going on in science right now.  That
we can expect data to be made available really is quite new.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
