Comments on: The Difference Between Knowledge and Wisdom http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html The Emergent Chaos Jazz Combo Mon, 15 Mar 2010 15:02:09 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Iang (Case study ....) http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html/comment-page-1#comment-4632 Iang (Case study ....) Sun, 18 May 2008 14:03:16 +0000 http://emergentchaos.com/?p=2759#comment-4632 I like the term "accident chain." That is precisely what happened here, and the attempts by the Debian and OpenSSL camps to blame each other only distract. It's worth summarising the experience. I think it makes a great case study of the security world today. I like the term “accident chain.” That is precisely what happened here, and the attempts by the Debian and OpenSSL camps to blame each other only distract.
It’s worth summarising the experience. I think it makes a great case study of the security world today.

]]> By: Iang (Case study ....) http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html/comment-page-1#comment-5181 Iang (Case study ....) Sun, 18 May 2008 14:03:16 +0000 http://emergentchaos.com/?p=2759#comment-5181 I like the term "accident chain." That is precisely what happened here, and the attempts by the Debian and OpenSSL camps to blame each other only distract. It's worth summarising the experience. I think it makes a great case study of the security world today. I like the term “accident chain.” That is precisely what happened here, and the attempts by the Debian and OpenSSL camps to blame each other only distract.
It’s worth summarising the experience. I think it makes a great case study of the security world today.

]]> By: Iang (Case study ....) http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html/comment-page-1#comment-6303 Iang (Case study ....) Sun, 18 May 2008 14:03:16 +0000 http://emergentchaos.com/?p=2759#comment-6303 I like the term "accident chain." That is precisely what happened here, and the attempts by the Debian and OpenSSL camps to blame each other only distract. It's worth summarising the experience. I think it makes a great case study of the security world today. I like the term “accident chain.” That is precisely what happened here, and the attempts by the Debian and OpenSSL camps to blame each other only distract.
It’s worth summarising the experience. I think it makes a great case study of the security world today.

]]> By: Mordaxus http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html/comment-page-1#comment-4631 Mordaxus Thu, 15 May 2008 16:06:32 +0000 http://emergentchaos.com/?p=2759#comment-4631 Thank you. That's exactly my point. My poor brain didn't have "accident chain" cached in active vocabulary. My teachers, long ago, taught me to "take pity on the poor sucker who has to maintain your code." In an open source project, those poor suckers include the arrogant little bastidge upstream from you who thinks he's fixing a bug. There are many people who seem to write code with an attitude of, "if it was hard to code, it should be hard to read." That's a form of arrogance. A better form of arrogance is to think, "if it was hard to code, it should be easy to read, because people dumber than me will be reading it." That arrogance, that I'm going to explain this because you aren't going to figure it out for yourself, has better characteristics for making the world a better place. Thank you. That’s exactly my point. My poor brain didn’t have “accident chain” cached in active vocabulary.
My teachers, long ago, taught me to “take pity on the poor sucker who has to maintain your code.” In an open source project, those poor suckers include the arrogant little bastidge upstream from you who thinks he’s fixing a bug.
There are many people who seem to write code with an attitude of, “if it was hard to code, it should be hard to read.” That’s a form of arrogance. A better form of arrogance is to think, “if it was hard to code, it should be easy to read, because people dumber than me will be reading it.” That arrogance, that I’m going to explain this because you aren’t going to figure it out for yourself, has better characteristics for making the world a better place.

]]> By: David Brodbeck http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html/comment-page-1#comment-4630 David Brodbeck Thu, 15 May 2008 13:38:11 +0000 http://emergentchaos.com/?p=2759#comment-4630 The discussion in one of the linked blogs also revealed some interesting things about the OpenSSL team's communications. Basically the Debian maintainer making the change actually asked about the patch on openssl-dev mail list, and got no real objections. But apparently, contrary to what their website says, openssl-dev is not the place to ask these sorts of things; apparently it's the (unpublished) openssl-team list. So what we have is a series of mistakes that added up to a big disaster: - A person changing critical code they didn't fully understand. - Tricky code that was not sufficiently commented as such. - Upstream developers who did not make their preferred communications channels clear. - Insufficient testing of the final code. In aviation it's common to talk about an "accident chain," the series of small mistakes that lead up to an incident. Breaking any one link in the chain would have stopped the accident from happening. That's kind of what happened here. The discussion in one of the linked blogs also revealed some interesting things about the OpenSSL team’s communications. Basically the Debian maintainer making the change actually asked about the patch on openssl-dev mail list, and got no real objections. But apparently, contrary to what their website says, openssl-dev is not the place to ask these sorts of things; apparently it’s the (unpublished) openssl-team list.
So what we have is a series of mistakes that added up to a big disaster:
- A person changing critical code they didn’t fully understand.
- Tricky code that was not sufficiently commented as such.
- Upstream developers who did not make their preferred communications channels clear.
- Insufficient testing of the final code.
In aviation it’s common to talk about an “accident chain,” the series of small mistakes that lead up to an incident. Breaking any one link in the chain would have stopped the accident from happening. That’s kind of what happened here.

]]> By: mordaxus http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html/comment-page-1#comment-4629 mordaxus Thu, 15 May 2008 13:21:21 +0000 http://emergentchaos.com/?p=2759#comment-4629 re Ross Younger Yes, but. I gave a summary. Summaries are short. Short is incomplete. I didn't want to get tied in all the gory details because I think they detract from the core issue. Your more complete explanation of the etiology is a more complete explanation, but I put plenty of links for people interested in more to chase things. The real issue is that a comment like: /* * Yes, we're stirring in uninitialized memory. This is salt that helps make * this machine unique in its pool. Valgrind will complain. Ignore valgrind * because its wrong about this. */ Then this would never have happened. re Ross Younger
Yes, but. I gave a summary. Summaries are short. Short is incomplete. I didn’t want to get tied in all the gory details because I think they detract from the core issue.
Your more complete explanation of the etiology is a more complete explanation, but I put plenty of links for people interested in more to chase things.
The real issue is that a comment like:
/*
* Yes, we’re stirring in uninitialized memory. This is salt that helps make
* this machine unique in its pool. Valgrind will complain. Ignore valgrind
* because its wrong about this.
*/
Then this would never have happened.

]]> By: Ross Younger http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html/comment-page-1#comment-4628 Ross Younger Thu, 15 May 2008 06:13:58 +0000 http://emergentchaos.com/?p=2759#comment-4628 <blockquote>The unconventional coding was flagged by a code-analysis tool, and a Debian person removed it. That change made all randomness vanish from the random number generator.</blockquote> That's not entirely true. Please read the actual <a href="http://svn.debian.org/viewsvn/pkg-openssl/openssl/trunk/rand/md_rand.c?rev=141&view=diff&r1=141&r2=140&p1=openssl/trunk/rand/md_rand.c&p2=/openssl/trunk/rand/md_rand.c" rel="nofollow">diff</a> in question (preferably in the context of the whole source file). Removing the unconventional coding was one thing, and not especially controversial, but the Debian person who committed the fix also made the same "fix" to what appeared to be a similar line elsewhere in the same source file. It was this second "fix" that was wrong, and had the ghastly consequence of preventing entropy from flowing into the randomness pool.

The unconventional coding was flagged by a code-analysis tool, and a Debian person removed it. That change made all randomness vanish from the random number generator.

That’s not entirely true. Please read the actual diff in question (preferably in the context of the whole source file). Removing the unconventional coding was one thing, and not especially controversial, but the Debian person who committed the fix also made the same “fix” to what appeared to be a similar line elsewhere in the same source file. It was this second “fix” that was wrong, and had the ghastly consequence of preventing entropy from flowing into the randomness pool.

]]> By: David Brodbeck http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html/comment-page-1#comment-4627 David Brodbeck Wed, 14 May 2008 19:32:22 +0000 http://emergentchaos.com/?p=2759#comment-4627 There's a systematic problem here for Linux, and that's the tendency for upstream developers to get combative with vendors who want to change their code. The long, sad saga of cdrtools is another example of this. There’s a systematic problem here for Linux, and that’s the tendency for upstream developers to get combative with vendors who want to change their code. The long, sad saga of cdrtools is another example of this.

]]> By: David Brodbeck http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html/comment-page-1#comment-4626 David Brodbeck Wed, 14 May 2008 19:31:49 +0000 http://emergentchaos.com/?p=2759#comment-4626 There's a systematic problem here for Linux, and that's the tendency for upstream developers to get combative with vendors who want to change their code. The long, sad saga of cdrtools is another example of this. There’s a systematic problem here for Linux, and that’s the tendency for upstream developers to get combative with vendors who want to change their code. The long, sad saga of cdrtools is another example of this.

]]> By: Chris http://emergentchaos.com/archives/2008/05/the-difference-between-knowledge-and-wisdom.html/comment-page-1#comment-4625 Chris Wed, 14 May 2008 17:30:51 +0000 http://emergentchaos.com/?p=2759#comment-4625 Great one, isn't it? I immediately thought of an old SunOS <a href="http://www.ciac.org/ciac/bulletins/c-06.shtml" rel="nofollow">fsirand bug</a>. Great one, isn’t it?
I immediately thought of an old SunOS fsirand bug.

]]>