From mboxrd@z Thu Jan 1 00:00:00 1970
From: Óscar Fuentes
Newsgroups: gmane.emacs.help
Subject: Re: CVE-2017-14482 - Red Hat Customer Portal
Date: Sun, 24 Sep 2017 16:42:54 +0200
Message-ID: <87vak8rwcx.fsf@qcore>
References: <2e991bb7-c570-49ce-be94-3654945bb4b5@mousecar.com>
 <87d16jxjz6.fsf@eps142.cdf.udc.es> <861smzcgx3.fsf@zoho.com>
 <1b3bec6e-d4d5-37a7-ba54-49bd2d8281bd@yandex.com> <86k20qbcu9.fsf@zoho.com>
 <86o9q0a8zc.fsf@zoho.com>
To: help-gnu-emacs@gnu.org

Mario Castelán Castro writes:

> It is true that formal verification of a program requires several times
> the effort compared to writing a comparable non-verified program (but
> with many bugs). I argue that this effort is necessary, because it is
> the only way to write correct software.
>
> I think you will agree that although writing undocumented software is
> easier than writing well-documented software, writing documentation is
> part of software development and thus undocumented software must be
> considered incomplete. In the same way, I extend this to the claim that
> formal verification is part of software development and thus unverified
> software is incomplete.
>
> Although writing incomplete software is easier than writing complete
> software, the task should not be considered solved. It is like just
> building half of a bridge. Surely it is easier than building all of it;
> but it is not enough.

It seems that you think that formal verification says that the software
is correct. That's in theory. Practice is different, as usual.

Instead of writing a lengthy explanation about why formal verification
can't be a guarantee about the correctness of a piece of software, I'll
simply reference a study about failures on verified systems:

https://blog.acolyer.org/2017/05/29/an-empirical-study-on-the-correctness-of-formally-verified-distributed-systems/

"Through code review and testing, we found a total of 16 bugs, many of
which produce serious consequences, including crashing servers,
returning incorrect results to clients, and invalidating verification
guarantees."