On Dec 22, 2007 5:53 PM, Rico Secada <coolzone@it.dk> wrote:
quoted text
> You are right, Ada is widely used in avionics, aerospace and defence
> systems, systems that demand a VERY high level of security and safety
> regarding lives and expensive equipment. And Ada is specifically
> designed for embedded systems too.

Ada's original foothold was gained because it was mandated by the US
government for many projects and was standardized before C.  If Ada's
benefits were not realizable with other tools, the mandate would still
be in place.

quoted text
> It is my understanding that C is the hackers tool while Ada is the tool
> of the engineer. I think it is mostly because of tradition.

Your understanding is wrong.  I suspect that many professional
engineers using C (and/or other languages) would strongly disagree
with your offhand characterization.

quoted text
> You find Ada in almost all of Boings airplanes, and in most industry
> critical systems. Ada was written with compile time protection against
> bugs such as buffer-overflows and so on.

Didn't I read a Slashdot article about the NYSE going to Linux?  What
language is medical software written in?  What about the competing
companies that aren't using Ada?  How does their track record of
software faults compare?

Compile time protection isn't worth the time it takes to run them if
your specification has flaws, your code doesn't match the spec, or the
compiler has errors.  There are MANY other types of errors that can
never be caught at compile-time.  Just because these errors SHOULD be
accounted for in the program's spec doesn't mean that they WILL be.

quoted text
> But like many has stated, what makes programs good and secure is the
> programmer, but IMHO the tools and languages are important too.
>
> You cannot use something like C in a really security demanding
> situation, and here I think about humans lives, like in spacecrafts.

Completely false.  You can use any tool you want with an appropriate
model of the system; this includes your tools and code.  The software
for the original US moon missions was written in assembly code;
portions may still be in use today because of its extreme reliability.

quoted text
> A simple buffer overflow might crash the plane, and you have to have
> some ways of eliminating that completely. That is why Ada was designed
> the way it was. You can read about the history of Ada on Wikipedia.
>
> Why so much is written in C on Unix-like systems, I think its mainly
> tradition. IMO Ada would be much better from a security point of view.

Your opinion means nothing without code.  Even with code, the OpenBSD
project likely won't care anyways.  You are barking up the wrong tree.

quoted text
> I agree that it would be better if OpenBSD or any other system for that
> matter was written in Ada rather than C, and they could just as well,
> but re-writing something as huge as OpenBSD is a MAJOR task, and what
> would the real benefits be in this situation?
>
> The OpenBSD team knows exactly what they are doing hence the extra
> security of Ada becomes almost un-necessary, but again I agree, had
> OpenBSD been in Ada from day one, that would save them a LOT of time!
> Bugs would be caught on compile time and bad-coding would almost be
> eliminated.

Go back to Wikipedia.  OpenBSD was a fork and essentially worked from
day one.  However, as you say, rewriting something as big as OpenBSD
is a MAJOR task in the timeframe of years or decades.  Instead of
improving security in a known system, all those years would be
"wasted" reinventing the wheel and playing catch-up with the
pre-existing feature set of modern operating systems.

Your insistence on equating compile-time checks with secure
programming is incorrect, and indicates your inexperience in secure
programming.  Academic questions like this should be googled or asked
on comp.lang.ada.

Good luck.

--david