Sir, How can it be well and good if your check do not catch the absurdity in any coding? It's bad. Because that code Mr. Locke just produced as an example is a mischievous one. It will only take just one freaking trigger hidden inside the source code.
You said your 'check' will not look for such things. Again, that's the weakness of your proposal. On the other hand, Source Code review will allow us to look for such things to assure integrity. You also said that what matters are the outcome. Don't you realize that the outcome is determined by the code? And finally, I think sir, that you are working on a "Default Accept" policy. This may not be so assuring when it comes to the code that will determine our country's next leaders. A saner policy should be "Default Deny." On Tue, Oct 13, 2009 at 9:09 AM, Oscar Plameras <[email protected]>wrote: > The check I propose is by Outcome. > > If my check will not catch the absurdity in any coding, that's well and > good. > > My check is not going to look for such things. What matters are the > outcome > or results. > > On Tue, Oct 13, 2009 at 1:40 AM, Robert Locke <[email protected]> wrote: > > Oscar, > > > > If I had a closed system that did the following: > > > > if (current_date < '2010-05-10) { > > do_a_normal_tally(); > > } else { > > do_something_slightly_different_but_not_too_obvious(); > > } > > > > How would your proposed "Testing the System by Outcomes" catch this? > > > > Maybe you set the system date to be 2010-05-10, and the ruse is > > revealed. > > > > So the programmer does this: > > > > if (current_date < '2010-05-10 && !obscure_hot_key_pressed) { > > do_a_normal_tally(); > > } else { > > do_something_slightly_different_but_not_too_obvious(); > > } > > > > How do you catch it then? Obviously this is an oversimplified > > example, but I'm curious to hear how you would expose it. Or are we > > supposed to blindly "trust" that this won't happen? If that's your > > position, then I would say it's a bit naive. > > > > "There is one safeguard known generally to the wise, which is an > > advantage and security to all, but especially to democracies as > > against despots. What is it? Distrust." - Demosthenes > > > > Rob > > > > > > > > > > > -- Michael R. Janapin Systems Administrator PBTS Baguio City, Philippines http://mulingsilang.wordpress.com
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
