Demand That 'Microsoft Sell No Code Before Its Time'

Leythos

So that's why my Linux install needs NO antivirus program and NO anti-malware
program and NO anti-spyware program? Because it's SO full of holes?

If you believe that Linux has no holes you need to read the linux
security sites - there are tons of Linux exploits and most of the
cracked website systems are Linux based.
 
All Things Mopar

Leythos commented thusly:
I can tell that you either don't understand the difference
between the computers in an industrial appliance and those
in your personal computer, or that you have no industrial
experience at all with computers.

I think I very well understand the difference far more than
you could possibly comprehend as I've worked on /both/ sides.
Industrial computers, more like embedded systems, don't
have to work with anywhere near as many components as do
personal computers.

Car computers don't have to work with anything like Open
Office, Word, Excel, Page Maker, Photoshop, etc....

Car computers don't have to work with PCI cards, AGP Cards,
different vendors chip-sets, video drivers, etc...

All of the computers in a car or industrial controller are
dedicated appliances that use a specific set of parts/code
to perform specific and limited functions that don't come
anywhere near those of the personal computer scope.

Next time you think about it - think about the car vendor
building a single car control computer that works with all
cars, even other vendors' cars, also works with the latest
video cards so that you can self-upgrade your GPS display,
so that you can upgrade the memory in it, so that you can
connect the trailer to it and get load-balancing, so that
you can connect your kids' DVD player to it, etc... Now do
you get the idea of why car computers are more reliable -
they don't do anywhere near as much and don't work with
anywhere near as much.

That isn't at all the point I was making. What I was saying is
that it /is/ possible to detect and fix bugs, whether the
environment is "open" or "controlled", and it /is/ possible
for companies to succeed based on their quality.

And, unlike Windoze or Linux, cars /must/ operate within the
law for very long periods so the penalty for even minor
failure is catastrophic. Computer software doesn't have to do
/anything/! Careful reading of a EULA quickly reveals that
there is no guarantee whatsoever that the software will even
perform what it is advertised to do!

This is a concept that Bill Gates is clearly bright enough to
understand, but has no interest in pursuing as long as he has
a lock on 85% of the market and people will gladly pay what
ever he asks for crap /and/ bow down and kiss his ass for
permission to use what they paid for!

I have stated time and time again that I am not a pirate and
don't condone the practice in any way whatsoever. But, I am
also a strong believer in being able to /use/ what I buy, and I
don't give a shit for some lawyer's distinction between
"ownership" and "license". The /only/ software with
"activation" that I will even consider is Windoze itself, as I
am not yet prepared to take on the Linux monster.

If O/S and application software users ever get tired of
endless upgrades and never ending bugs, they /can/ put a stop
to it. The world runs on money, and the money will go to the
guy with innovative software that /works/. Spin it any way you
like, but we have only ourselves to blame for this.
 
Leythos

That isn't at all the point I was making. What I was saying is
that it /is/ possible to detect and fix bugs, whether the
environment is "open" or "controlled", and it /is/ possible
for companies to succeed based on their quality.

And, unlike Windoze or Linux, cars /must/ operate within the
law for very long periods so the penalty for even minor
failure is catastrophic. Computer software doesn't have to do
/anything/! Careful reading of a EULA quickly reveals that
there is no guarantee whatsoever that the software will even
perform what it is advertised to do!

There has not been any software created in all the time I've been using
computers, since the mid 70's, that was considered bug free. Even PLC's
(all vendors) have bugs, even some firmware in car computers have bugs,
but comparing a set of computers in a car/vehicle to the computer and
OS/systems in your home PC is completely missing the mark.

The systems in a vehicle do very little, it's very specific, very
defined with an EXACT set of interactions that are also very clearly
defined. The same is true with PLC's used to run plants and mechanical
systems, the same is true about the code we put into the PLC's and other
mechanical systems, but there is always a bug somewhere.

Please don't make any assertion that the code/systems in a car is
somehow comparable to that in a personal computer - it's not even close.
 
Jupiter Jones [MVP]

Good for you.
Facts are against so you need to insult to prove your point.

Do you also advocate the same standards for all operating systems?
If you would read the article for the first time you referenced, you might
see the problem.

But since you are unwilling or possibly unable, here is an excerpt:
"The Committee to Fight Microsoft ("CTFM"), the first civil rights and
consumer action organization in cyberspace, will hold a San Francisco news
conference Tuesday, August 9th to announce that it has begun a campaign to
block Microsoft Corporation from releasing Windows Vista to the general
public unless and until Microsoft offers a general and unconditional
warranty to purchasers that the program does not include "bad code.""

You should read the posts.
The major problem is with "unconditional warranty" & "program does not
include "bad code.""
Do you know what an "unconditional warranty" is?
When have you provided such a warranty?
What software of any kind can provide such a warranty?
The posters are not so much defending Microsoft as they are pointing out the
stupidity of the article you seem to support.

Stick to what is relevant if you have the ability.
Your need to insult displays your own incompetence.
 
Robert Moir

Leythos said:
Please don't make any assertion that the code/systems in a car is
somehow comparable to that in a personal computer - it's not even close.

But the comment that 'if we expect things to be mediocre then we shouldn't
be surprised if that is what we get' was quite trenchant, wouldn't you say?
 
Leythos

But the comment that 'if we expect things to be mediocre then we shouldn't
be surprised if that is what we get' was quite trenchant, wouldn't you say?

No one accepts the bugs, no one accepts the exploits, not one that has a
brain expects zillions of lines of code to be perfect, no one that has an
ounce of experience in development expects anything they use/design to
be perfect, but every one of us that does design work expects our work to
be perfect and to exacting standards and we strive to make it that way.

No one sets out to design bad code, no one sets out to create a great
app that purposely has exploits.

What you run into with an OS and tightly integrated applications is
much like anything else - the more connections you allow the more
chances for someone to exploit some function in a manner that you didn't
anticipate.

On top of the above, if you have to maintain compatibility with older
code, there are going to be times when you can't close a hole without
impacting MORE users than the exploit would normally impact.
 
Gordon

Leythos said:
If you believe that Linux has no holes you need to read the linux
security sites - there are tons of Linux exploits and most of the
cracked website systems are Linux based.

I'm not saying it has no holes - I'm just saying it has far less holes (at
the moment) than Windows.
 
Leythos

I'm not saying it has no holes - I'm just saying it has far less holes (at
the moment) than Windows.

Yes, but there is far more in Windows than in Linux, so I would expect
it to have more holes. Since it supports about every device/product on
the planet you have to expect it to have more holes. Linux does not
support anywhere near as many devices and applications that are common
to business and home users as does Windows. Don't get me wrong, I love
Fedora Core 3 and even run Cross-Over with Office XP on it and use
Evolution with my exchange server, but it's not supporting as much as
Windows.
 
~ FreeSpirit ~

Jupiter Jones said:
Good for you.
Facts are against so you need to insult to prove your point.
=======================
I think he was just kidding as I was.... relax! :)

FS~
 
Robert Moir

Gordon said:
I'm not saying it has no holes - I'm just saying it has far less
holes (at the moment) than Windows.

You've found and counted each hole in both products? Even the ones no one
has discovered yet? Cool - do you know when we might see patches for every
single one of them on both platforms?
 
kurttrail

Robert said:
You've found and counted each hole in both products? Even the ones no
one has discovered yet? Cool - do you know when we might see patches
for every single one of them on both platforms?

There are fewer exploits of Linux holes than Windows holes in the wild.

No, I didn't count them, all I have to do is see any def list of AV
products to know that.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"
 
All Things Mopar

Leythos commented thusly:
The systems in a vehicle do very little, it's very
specific, very defined with an EXACT set of interactions
that are also very clearly defined. The same is true with
PLC's used to run plants and mechanical systems, the same
is true about the code we put into the PLC's and other
mechanical systems, but there is always a bug somewhere.

Systems in cars do very little? And, where did you get that
gem of intelligence from? They do little things, like make the
engine run, the transmission shift, the windows roll down, the
radio play, the A/C work, the doors open remotely, prevent
theft, control throttle and shifting through drive-by-wire,
meet all state and Federal emissions and crash regs, /exceed/
crash on virtually every car, I could go on. Oh, and they
protect people from themselves, even when the "user" is an
idiot and tries to disobey the laws of physics. Air bags work,
they save lives, and they are controlled by computers. Yeah,
that ain't very much, is it?

And, cars do this well past their warranty period. The 25+
computers all talk to each other increasingly over multiplexed
wiring and they work, day in and day out. Do they break? Sure,
but /seldom/ because of software bugs. Virtually /all/
warranty repairs, recalls, etc. are the result of faulty
manufacturing, whether by the OEM or a supplier. Only very,
very rarely is it because of a computer glitch.

Know what an OBD III system is, how it works, and why it is a
Federally mandated item on all cars sold in the U.S.?

Please don't make any assertion that the code/systems in a
car is somehow comparable to that in a personal computer -
it's not even close.

You're right, it isn't even close, it is far, far, more
complex. Code runs to tens of millions of lines for even a
moderately complex computer module, is capable of real-time
update, and operates in an environment that could best be
described as hostile.

When was the last time you re-booted your car? Or had your
car's engine or speedometer suddenly freeze up? Or, how many
times have you had to pay for software upgrades so you could
keep driving? Or, when did you have to pull over until your
car "called home" to verify your "authenticity" and rights to
drive it?

My new adult toy, a 2006 Dodge Charger HEMI R/T, is a marvel
of electronic computer control. Engine performance
characteristics, transmission characteristics, traction
control, ESP (Electronic Stability Program), and /all/ of the
consumer functions of the car are run by computers. And, the
things I mention in this paragraph are calibrated - "tuned" if
you prefer, to the /specific/ design goals of a Chrysler 300C
vs. Dodge Magnum RT vs Charger R/T, /all/ through simple
computer software changes. And, while I had to sign lots of
legal mumbo jumbo bullshit, /none/ of it was a EULA requiring
me to "agree" before I could drive home.

Want more power or better handling? Just plunk down a few
bucks for a new computer chip for your engine, trannie or
suspension. Some aren't cheap, true, but the point is that 20,
50, 100, 200 hp are easily available /without/ voiding the
warranty simply by changing computer control. You think that's
accidental? For example, there are /four/ levels of computer
upgrades to a Neon SRT-4 2.4L turbocharged 4-banger that will
bring the car to over 400hp and a /Neon/ that can stay with a
Dodge Viper SRT-10 costing $85,000 through a standing 1/4 mile
run.

Yes, you're so right. Cars are not comparable to PCs, they are
superior in so many ways it is impossible to list them all.
And, these things /work/ literally from -85 to +160 degrees,
in 100 mph wind, snow and sleet storms, torrential downpours,
and under "attack" from electronic emissions of nearby
devices. And, cars are /guaranteed/ to do what they are
advertised to do, start, run, and drive. Can you say the same
for /any/ PC software?
 
All Things Mopar

Robert Moir commented thusly:
But the comment that 'if we expect things to be mediocre
then we shouldn't be surprised if that is what we get' was
quite trenchant, wouldn't you say?

People by their very nature live the self-fulfilling prophecy.
If they view themselves as unworthy, so will others, while if
they view themselves as productive human beings, other people
will sense that and respect them for it. The same self-
fulfilling prophecy exists for computer software. If you want
junk, you'll get it. And, if you want and expect excellence,
you will get that also, or you'll get a charge credit when you
return the crap.

So, if your threshold for "quality" in /any/ consumer product
is quite low, your chances of being satisfied are quite high.
But, PC users have become "trained" to accept /lack/ of
quality and to continually pay for upgrades or even to correct
prior bugs. Every time there's a new release of any kind of
hardware or software, there's a large number of eager idiots
flashing their Visa cards to be the first on their block to
become paying beta testers.

If you expect excellence, you will get it. If you don't, don't
buy whatever it is again, buy from somebody else. It is when
real competition ceases to exist that buying choices also go
away and the harsh realities of the free market system
evaporate.

Why, for example, is PhotoShop so expensive? It is /not/
because it is that many times better than its nearest
competitor, it is because they can charge whatever the traffic
will bear.

I'm already reading about people anxious to try out a beta of
Longhorn. Maybe they have a need for 20 gig of memory, I don't
know. Or, maybe that's just how they get their kicks. But,
besides people in the utility and application software
business, I can't fathom a "normal" PC user wanting to beta
test /any/ operating system. The chances of destroying their
system and losing data are almost 100% /by definition/.
 
All Things Mopar

Leythos commented thusly:
No one accepts the bugs, no one accepts the exploits, not
one that has a brain expects zillions of lines of code to
be perfect, no one that has an ounce of experience in
development expects anything they use/design to be perfect,
but every one of us that does design work expects our work
to be perfect and to exacting standards and we strive to
make it that way.

Yes, I know. I did personal, then shareware, then professional
software development on a number of mainframe and PC platforms
early in my work career. When somebody found a bug, I at least
tried to fix it - if I was allowed to spend the time on that
problem by my boss!

No one sets out to design bad code, no one sets out to
create a great app that purposely has exploits.

Writing software is a business, where the intent is to make
money. Testing and fixing bugs costs money that can better be
spent on new features. So, compromises are frequently made
when quality problems become obvious. Maybe nobody sets out to
design bad code, but "management" certainly condones it by
making an economic judgement /not/ to fix things that are
obviously broken if they at all think they can get away with
it. If 100 million users showed up at M$'s HQ in Redmond with
their CD in hand demanding a refund, you can bet your ass
there'd be some changes made in the debugging process!

What you run into with an OS and tightly integrated
applications is much like anything else - the more
connections you allow the more chances for someone to
exploit some function in a manner that you didn't
anticipate.

On top of the above, if you have to maintain compatibility
with older code, there are going to be times when you can't
close a hole without impacting MORE users than the exploit
would normally impact.

In the later stages of my career, my company continued to pay
the license fees for CATIA even though patches came in by the
/hundreds/ on a /monthly/ basis, and more often broke formerly
working functions than fixed older bugs. The contract clearly
stipulated that payment could be stopped if the software
either failed to perform its stated function or it could be
shown that by using the software, material damage - read:
money - was being lost by the bugs. But, I could never get my
management to stop paying Dassault Systemes. So, we got
exactly what we deserved - crap, that cost us time and money,
and resulted in /our/ product being slower to develop, more
problem prone and more expensive than it could have/should have
been.

If you can't stand the heat, get out of the kitchen. Whether
software developers personally, or robber baron bastards like
Bill Gates like it or not, there is /never/ an excuse for
/knowingly/ producing and selling defective code, nor in
charging a fee for trying to get it to work. It /is/ possible
to automate regression testing, and it /is/ possible to buy
the various hardware and software you purport to support, and
test your own code, and testing /does/ uncover bugs. It's just
that whoever is writing the code has to have the ability, the
will, and the management approval to do their job right.

And, please, don't insult my intelligence by telling me that
you don't know about your own bugs...
 
Leythos

Yes, you're so right. Cars are not comparable to PCs, they are
superior in so many ways it is impossible to list them all.
And, these things /work/ literally from -85 to +160 degrees,
in 100 mph wind, snow and sleet storms, torrential downpours,
and under "attack" from electronic emissions of nearby
devices. And, cars are /guaranteed/ to do what they are
advertised to do, start, run, and drive. Can you say the same
for /any/ PC software?

You are still missing the point. When I design a process control system,
which is infinitely more complex than a simple car control system, I
rely on the PLC's to operate properly, the PID controllers to work,
etc... Being that they trust people with their lives with these systems,
indeed, entire cities trust that the machines are designed properly, the
code runs properly, that we designed fail-safes (mechanical and code),
and such. Even with that in mind there are still bugs in the PLC code
firmware, bugs in the code we've written, and there always will be. When
you write many 10's of thousands of lines of code for a process, there
will always be something you've overlooked even if you looked at it 50
times.

Your car computers are very simple processes and functions, they have a
very limited scope of operation, limited number of inputs, and very
limited outputs. Don't think you can fool anyone into thinking otherwise
- many of us were designing circuits used in automation systems before
they started putting them in automobiles. You may think that a car's
systems are complex and operate at extremes, but that just tells me that
you've not done any work with other systems that would give you a clue
as to how simple those devices really are.

A car's computer systems are not even close to being something you can
compare to a personal computer - the two are not even in the same world.
 
Leythos

And, please, don't insult my intelligence by telling me that
you don't know about your own bugs...

Up until that point we were on the same page. There have been many times,
and I've been on the developer end and the manager end, where you build
a solution based on your own code combined with provided modules that
you don't have the code for - many applications are designed by teams
with specific parts being developed by different people. When they test
their own parts they work well and without bugs/flaws, but, when testing
in QA, not all items are tested (which happens in every shop I've seen
all over the world) as it's almost impossible to determine a test plan
for every possible combination of actions that could/might possibly be
taken. While I believe that is a flaw in QA, it's a simple matter of
fact that it's not possible to determine every possible testing process
for large applications.

When I was first coding, I did an accounting AR package on a CPM machine
(old days), and spent about 4 months designing and testing it. My QA was
myself. When I finished it I presented it to the people that would use
it and asked when I could start training and walking them through the
functions - I was told that I could not give training and that if the
product required training, for a business process that they were already
using, that the product was not ready and needed to be re-written. It
was an interesting concept that I had never thought of and many
developers/managers of teams don't think about when doing applications.
Another issue is with having your own team doing the QA work - in my
shops QA is done by people that have no connection to the development
teams and the QA people change every year or so. This means that there
is no preconceived idea of what should happen or what they intended -
only what they can learn from the requirements documents and what they
can break/make work. If the developer has to tell the QA people how to
do something, then the process failed.

The same is true with bugs - a developer may not test all possible
functions because they may not be aware of all possible functions as
they are not always aware of what other functions are provided and they
are certainly not aware of the coding in the modules they interface
with. So, while you have a developer that turns out perfect code with no
bugs, since his code interacts with modules provided by others, that
provide functions within his application section, he may get bugs
without it being his fault and without him being able to test for them.

I'm not trying to defend this, it's just an explanation of how it
happens in the real world with large applications where one developer is
not writing ALL of the code by himself.
 
All Things Mopar

Leythos commented thusly:
I'm not trying to defend this, it's just an explanation of
how it happens in the real world with large applications
where one developer is not writing ALL of the code by
himself.

I understand how the real world works as well as the surreal
world. My point was, and is, that software bugs /can/ be
found, and they /can/ be fixed if the company has the will to
do so. But, the PC software world for O/S is non-competitive
by definition and on the app side the companies are much more
interested in revenue from "upgrades" than the expense of
cleaning up their own do-do.

And, my point was, and is, that customers don't have to put up
with shoddy software. It is as simple as shutting off the
revenue stream to the perpetrators of crap.

If developers cannot find the bugs themselves, and they
usually can't because they can't envision the exact workflow
and the exact hardware/software environment that bugs occur,
in order to fix the code internally, if allowed to do so by
management. So, if you advertise that your software works with
X, Y, and Z, then you must buy X, Y, and Z and test for it.
And, you need to conduct public beta tests to wring out the
bugs.

But, with product cycles shrinking very rapidly, there isn't
time to do that and "stay competitive" - read: get the new
code out and fix the bugs in the next release.

Software isn't fundamentally any different than development of
any other commodity. The world's consumers have cleaned up
just about every "hard" commodity by choosing quality over
non-quality, and by choosing from cost-efficient producers
over inefficient producers. It is an example of survival of
the fittest.

Prior to about 197x, the way "bugs" in cars were fixed was by
cancelling the model, and "releasing" a new "version", leaving
the previous hapless owners to fend for themselves. That
changed when first the Europeans, then the Asians, stopped the
annual change-for-change-sake nonsense, and produced cars that
were of high quality from the point of sale (J.D. Power), they
made their cars reliable (as measured by the paid warranty
period), and they made their cars durable (meaning they
continue to run for hundreds of thousands of miles). The
combination of these 3 definitions of "quality" has led to a
consumer revolution world-wide, but especially in the U.S.
And, the "quality" cars keep their value so "depreciation" is
lessened, but more importantly, people don't feel the urge to
get the newest and greatest because they are satisfied with
what they have.

So, the car industry has now turned into bringing new vehicles
to market to meet needs that customers don't even know they
have until they see the new models. And, "exceed
expectations" and "delight the customer" has become the mantra
of the world's producers.

But, the same is not true of software, as consumers continue
to "consume" rotten meat and are willing to pay for the
privilege of poisoning themselves!
 
Robert Moir

All said:
Writing software is a business, where the intent is to make
money. Testing and fixing bugs costs money that can better be
spent on new features. So, compromises are frequently made
when quality problems become obvious. Maybe nobody sets out to
design bad code, but "management" certainly condones it by
making an economic judgement /not/ to fix things that are
obviously broken if they at all think they can get away with
it. If 100 million users showed up at M$'s HQ in Redmond with
their CD in hand demanding a refund, you can bet your ass
there'd be some changes made in the debugging process!

And what would the 100 million users say when the price of Windows changed
to reflect the costs of the new engineering standards required of it?

http://www.fastcompany.com/online/06/writestuff.html

A very interesting article, but reflect on the differences in the
engineering philosophy and the costs of applying that to a big project such
as Windows.

Also we have to accept that the market drives the need for commercial
shrinkwrap software. You say you want perfection, we all do for sure, and
yet millions of people buy software that isn't perfect, and being 2nd to
market with a perfect product while someone with a product that is simply
"good enough" eats your lunch can kill your company stone dead.

If you can't stand the heat, get out of the kitchen. Whether
software developers personally, or robber baron bastards like
Bill Gates like it or not, there is /never/ an excuse for
/knowingly/ producing and selling defective code, nor in
charging a fee for trying to get it to work.

I've _never_ been charged by Apple or Microsoft for a bug fix.

It /is/ possible
to automate regression testing, and it /is/ possible to buy
the various hardware and software you purport to support, and
test your own code, and testing /does/ uncover bugs.

You _are_ aware that Microsoft already do this, right?


--
 
Robert Moir

kurttrail said:
There are fewer exploits of Linux holes than Windows holes in the
wild.
No, I didn't count them, all I have to do is see any def list of AV
products to know that.

the list of viruses on a system by no means maps to security
vulnerabilities.

To take a trivial example, the melissa virus (remember that) was an example
of a virus that ran absolutely rampant and didn't exploit one single
security hole.

It took advantage of some especially stupid design choices, sure and no
argument there, but those are not security "holes".

- fwiw i'd argue that "especially stupid design choices" are even worse than
holes that appear as a result of a mistake

regards
rob
 
Leythos

You _are_ aware that Microsoft already do this, right?

He's lost in his Car computers are better than PC computers world, he's
not wanting to see the LARGE difference between a PC running an
OS/Applications and a computer in a car running a very limited form of
an OS (and most of the processing devices in a car don't even use an OS)
and it's very limited firmware.

When we used to burn our applications into 8k or 16k EEPROMS and wrote
everything in Hex, it was very easy to ensure no bugs, no exploits - as
we also built the "computer" from scratch, designed our own motherboards
(if you could call them that in those days), in fact, we designed
everything from scratch in those days. When we moved to building
applications that track millions of children for the government we still
tested our code, still did multiple QA groups, did end-user testing,
etc... and you know what, we had no bugs that anyone could identify (and
had it in writing) before we delivered the product - but, as is always
the case, after a service pack is applied, after the environment
changed, we would get calls asking for "fixes" to things that worked
fine before - there is so much more to applications today than there
ever was in the old days, and applications on a personal computer have
zillions of more interaction than a simple computing/calculating device
in a car.
 
