Lightbulb-SOLUTION-Don't read if you don't want to know!

"Robert J. Brown" (rj@eli.elilabs.com)
Fri, 24 Oct 1997 14:44:25 -0500
Messages sorted by:[ date ][ thread ][ subject ][ author ]
>>>>> "Richard" == Richard Masoner <richardm@cd.com> writes:

    >> Of course, this takes advantage of several *UNSTATED*
    >> assumptions:

    Richard> Two more unstated assumptions are that we know that all
    Richard> three switches are in the "off" position when we start,
    Richard> and that we know somehow which switch position is "off"
    Richard> and which is "on."

Of course, if you concede the first of these, then the second is
subsumed.

    >> Do engineers spoil all your fun?  For engineers, this kind of
    >> technical discussion -- looking for holes in a design -- *IS*
    >> fun: its called a design review!

    Richard> Not only that, assumptions will "get" you.  I wrote some
    Richard> code very recently where I assumed that a request to
    Richard> allocate zero bytes would result merely in a NULL
    Richard> pointer.  I didn't bother to test my assumption,
    Richard> primarily because of time pressures.

    Richard> The real result -- at a customer site no less -- was a
    Richard> system PANIC :-( The routine that allocates the memory
    Richard> specifically tests for a request for zero bytes.  If that
    Richard> assertion fails the function calls panic() instead of
    Richard> returning NULL.

A similar request in a Forth system might well try to allocate 2^32
bytes of memory, assuming you are running on a 32 bit machine.

    Richard> The RISKS Forum on the Internet (news:comp.risks and
    Richard> elsewhere) discusses this type of stuff in detail.

I am convinced that there are *FAR* more bugs, holes, etc., in the
computer systems that we rely on daily than most people would even
begin to suspect.

Back in 1984, I was working on an energy management system.  After
several months on the job I realiwed that there was a significant
national security risk in the system, as an intruder could gain access
to the central control computer for each city and plant a time bomb,
which when it went off, would crash the entire national power grid.
Moments later, the enemy missles arrive...

The *REALLY* scary thing was that I was told to keep my mouth shut, as
such a statement would affect the marketability of the product!

Fortunately the system was never deployed, but what about all the
systems out there that *ARE* in place?  Electric power, telephony, air
traffic control, railroad control, highway traffic systems, oil and
natural gas pipeline control systems, etc.  What about the real-time
financial systems out there that run the international financial
markets?

Recently, our government has begun to wake up to this threat.  A
couple of years ago, an SBIR project was to investigate how virus
attacks could pose a threat to military computer systems.  Also
desired was an anti-virus to get rid of any such infection, and a
virus to infect enemy computers.

The infamous Y2K problem ain't nothin' compared to military
cyber-espionage.  I really believe that the next major war will be
fought in the information realm; WW1 was a ground war; ww2 was an air
war; WW3 (Armageddon?) will be an information war.

-- 
--------  "And there came a writing to him from Elijah"  [2Ch 21:12]  --------
Robert Jay Brown III rj@eli.elilabs.com  http://www.elilabs.com 1 847 705-0424
Elijah Laboratories Inc.;  37 South Greenwood Avenue;  Palatine, IL 60067-6328
-----  M o d e l i n g   t h e   M e t h o d s   o f   t h e   M i n d  ------