Fixing C's Biggest Mistake

Walter Bright newshound2 at digitalmars.com
Fri Dec 30 20:38:52 UTC 2022


On 12/29/2022 7:04 PM, monkyyy wrote:
> I don't understand why it's such a rare opinion to think about software as fail 
> safe or fail dangerous depending on context; most software that exists should be 
> fail safe, where every attempt is made to keep it going.

Please reconsider your "every attempt" statement. It's a surefire way to disaster.


> Airplanes, NASA 
> and maybe even hard drive drivers; write, triple-check every line of code, turn 
> on every safety check and have meetings about each and every type; fine.

Sorry, but again, that is attempting to write perfect software. It is 
*impossible* to do. Humans aren't capable of doing it, and from what I read 
about the space shuttle software, it is terrifyingly expensive to do all that 
checking and so it does not scale.

The right way is not to imagine one can write perfect software. It is to have a 
plan for what to do *when* the software fails. Because it *will* fail.

For example, a friend of mine years ago told me he was using a password manager 
for his hundreds of passwords to keep them safe. I told him that the PWM is a 
single point of failure, and when it failed it would compromise all of his 
passwords. He dismissed the idea, saying he trusted the password manager company.

Fast forward to today. LastPass, which is what he was relying on, failed. Now 
all his hundreds of passwords are compromised.