> > The fact that it is possible to do it in principle is the important bit, >
Mandatory, but of course not sufficient. Just recall the recently discovered bash shell bug which was lurking in the source for more than 10 years. The important bit is that one can go and check. > I'm doing this: since in the recent project I ran into many bugs in a well-known CAS, and now I do not trust any function I use and started to look actively for bugs (testing and code reviewing) and discovered about 100 bugs during the last year. Some code parts (which exist and were used for more than 10 years) I checked, reach an error rate about 5 bugs per 1000 lines. Sage builds on top of this CAS and probably on top of other buggy packages. Does Sage warn somehow the user if a user calls a function which is *known* to be buggy? If possible, I suggest Sage to pay QA staff for actively hunting bugs. Jakob Am Freitag, 24. Oktober 2014 17:21:29 UTC+2 schrieb bluescarni: > > On 24 October 2014 05:30, kcrisman <kcri...@gmail.com <javascript:>> > wrote: > >> >> It was an interesting read. The article (at potential risk of starting >>> a firestorm) does seem to suggest that open-source software like Sage is >>> more trustworthy for computational proofs as one can (in principle) verify >>> the code's logic and can look at the list of known bugs. >>> >>>> >>>> >> In principle. But naturally we have a bug tracker for a reason. Also, I >> didn't have time to look at the article they referenced about some >> experience with open source; perhaps someone could summarize it. >> >> > The fact that it is possible to do it in principle is the important bit, > not if actually people do so. When I am writing a paper I don't necessarily > go and check each and every previous result on which the paper is built, > but it is essential to be able to do so if desired or needed. > > Likewise, it's not really important (from the point of view of this > discussion anyway) if Sage or another open-source software is more or less > trustworthy in practice than a closed-source system. The important bit is > that one can go and check. Trust and blind faith are two different things. > > I find it quite depressing how publications relying on (or describing) > "black boxes" are routinely accepted and I wish the research community were > intellectually honest about this issue. > -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To post to this group, send email to sage-devel@googlegroups.com. Visit this group at http://groups.google.com/group/sage-devel. For more options, visit https://groups.google.com/d/optout.
