[cap-talk] DJB on Least Privilege (Comet Holmes)

Jed Donnelley capability at webstart.com
Sun Nov 4 03:30:37 EST 2007 

At 09:06 PM 11/3/2007, Mark Miller wrote:
>On Nov 3, 2007 1:35 PM, Jonathan S. Shapiro 
><<mailto:shap at eros-os.com>shap at eros-os.com> wrote:
>All of which reminds me of an orthogonal point: people use the cost of
>legacy repair as an excuse to do nothing, and routinely ignore the fact
>that new programs naturally replace old at a surprisingly rapid pace.
>This raises the question: why are we (i.e. the field, and particularly
>academia) not focusing much greater attention on improved
>software/security engineering for virgin programs?
>
>I just wanted to say that this is an excellent point that should be 
>shouted from the rooftops.
>
>Do any of us here, by any chance, know of any kind of quantitative 
>data regarding how rapid this pace of replacement is, in any important context?

Hmmmm.  I expect the context of software for scientific computing
might be about the worst area for your thesis.  There are a
lot of "dusty decks" still in that area.  I might be able to
get some data from that area if it seems worthwhile.  I suppose
ideal would be average line age and std deviation for a
variety of codes?  I doubt that data so quantitative is
available.  Still, there might be something.  More likely to
be available might be something like when the code was
first written and approximately how much of the source
is still from the original coding.  Would that be of any
use?  I ask because it might be a bit difficult digging
out such information.

Off topic: If you haven't seen Comet Holmes, I recommend
taking a look:

<http://www.skyandtelescope.com/observing/highlights/10862521.html>http://www.skyandtelescope.com/observing/highlights/10862521.html

You can see that it is fuzzy now with the naked eye.
With even a small pair of binoculars it has sort of
a weird "eyeball" appearance that I think is worth
viewing e.g.:

http://media.skyandtelescope.com/images/Holmes-by-Sean_Oct-27_800.jpg


--Jed  http://www.webstart.com/jed-signature.html  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20071104/d54cb20d/attachment-0001.html

More information about the cap-talk mailing list