On Friday, 26 July 2013 at 02:39:15 UTC, Walter Bright wrote:
If you are writing a program that, if it fails will cause your
car to crash, then you are a bad engineer and you need to
report to the woodshed.
As I've written before, imagining you can write a program that
cannot fail, coupled with coming up with a requirement that a
program cannot fail, is BAD ENGINEERING.
ALL COMPONENTS FAIL.
The way you make a system safe is design it so that it can
withstand failure BECAUSE THE FAILURE IS GOING TO HAPPEN. I
cannot emphasize this enough.
You emphasize it quite well, and that is certainly true for a car,
a plane, or anything potentially dangerous.
Different tradeoffs apply when you talk about a video game, a
media player or an IRC client.