Silver Bullets
Home Up Statistics Games Silver Bullets Short Date Format COTS Rollover WebWise Pulled


From: Rob

<referring to a manufacturer who claims to have a "silver bullet">

A suggestion: Potential customers could sign for the results under some
form of non-disclosure (ie; not to use for commercial advantage). You <the silver bullet manufacturer> have little to lose and a lot to gain by making the test results/evaluations public if the product has stood rigorous testing

That's an interesting suggestion, Rob, but I think this type of issue
can be handled publicly and still allow the vendor to maintain whatever
level of intellectual rights he needs without the NDA.

When approached by another vendor with a product that had similiar
claims to the tool you were referring to, I looked at the documentation
of what it claimed to do. By the time I was finished reading, I knew a
very simple way to disprove the tool.

Below is a small C program with a Y2K bug, in fact, it has two bugs:
improper use of the tm structure year value and a hard coded "19" for
the century. I did not believe this program could be safely unraveled
at the object code level. When I actually executed their program, it
declared there was no Y2K issues with the executable that MSC generated
from this C code.

#include <time.h>
#include <stdio.h>
     struct tm *gm_time;
     long seconds;
     gm_time = gmtime(&seconds);
     printf("In 1 year it will be %d %d 19%d\n",
               gm_time->tm_mon + 1,
               gm_time->tm_year + 1);

Unless I have made a typo, today this little program's output is:

In 1 year it will be 04 23 19100

If any tool somehow did manage to fix this program, I could write either
a very similar program where the digits "04 23 19100" represented
something other than a date and the tool would also modify those values
(when it was not supposed to) or a similar program that the same tool
would miss remediating (where the date input came from either the
operator, a data file or were hard coded into the program instead of the
time functions).  The key is to actually demonstrate the tool work on a
few well understood test case files such as this. It does not take a
large test bed to differentiate a silver bullet from a innovative,
functional tool - with such a test, we would all see which category that
tool falls into.

In that way can the list-group check for themselves with validated and
accredited source information first hand rather than be "sold by us vendors
who always talk marketing speak!"

I would take exception to that, Rob. We maintain a policy of being very
upfront about any limitations of my tools.  If I tell someone that a
tool does something, it does it and it does it by a very sound technical
principle. (I am not saying we will never have a bug, but I am saying
our tools are very solid technically.)  We do not use "marketing speak"
in any business I am involved in and we do not develop silver bullets
(our tools are of the innovative, functional type I referred to

Vic Fanberg