Probably the hottest business idea of the moment in BTC

[MPOE-PR]

This could also take in a few hundred to a few thousand BTC a month, if well run by credible people, which possibly means half a million worth of BTC equity you're working for.

Original piece. Comments welcome.

[greyhawk]

Totally concur. A service like that is sorely needed.

Unfortunately with the BTC community being what it is, it will likely end in people Dunning-Krugering themselves into believing they were qualified to offer the code review, messing that up, then failing to deliver on the insurance.

So another service level would be needed to review the reviewers, but that level bears the same problem.

[Sukrim]

I don't really see the connection to BTC here, this could be done with Paypal as well.

[Endgame]

Yes this would be useful. The hardest part of implementing this would probably be finding employees capable enough to find all the holes. Also people would try and run inside jobs, breaking into their own code for the insurance payout.

[killerstorm]

This severely underestimates complexity of code verification.

It is kinda a spectrum. If you just look through the code, line by line, all you can say "I haven't found obvious flaws, yet", only idiot will say that it is "safe to run".

There is a reason why people write unit tests. If they want to make sure that it works, each line, each statement should be covered by a test. And quite often test suite is large than code base itself.

See here: http://www.sqlite.org/testing.html

As of version 3.7.14, the SQLite library consists of approximately 81.3 KSLOC of C code. (KSLOC means thousands of "Source Lines Of Code" or, in other words, lines of code excluding blank lines and comments.) By comparison, the project has 1124 times as much test code and test scripts - 91421.1 KSLOC.

And even that doesn't give you 100% guarantee.

Also see here: http://www.fastcompany.com/28121/they-write-right-stuff
Writing software with very few defects is incredibly costly. Running software with no defects at all is likely impossible.

OK, even if we rule out things which aren't feasible, there is still a lot of restrictions. I would give you any kind of assurance about for code written in dynamic programming language (JS, Python, PHP) or unsafe programming language (C/C++). It is simply a minefield: compiler performs almost no checks, so it is hard to make sure that it doesn't fail in a weird and unexpected way.

This leaves us with Java (it has many flaws, but at least it isn't as bad as things mentioned above), Ada, functional programming languages like *ML and Haskell.

So what I'm saying, if properly done it would be too restrictive for a startup business.

And if it not done properly it won't be a good service. It's basically an insurance business: you know that some system WILL fail because your code verification isn't exhaustive. You just do pre-screening to rule out obvious losses. Otherwise, it is a matter of luck, essentially risk pooling.

Thus you don't really need first-class programmers, I think.

[CIYAM]

One point that I'd like to make is that the programming paradigm very much affects the reliability of the code itself.

Functional programming (possible in C++ but perhaps best done in a language designed for it such as Haskell) changes things a lot in that by using extremely well tested and covered "functions" the unit test requirements are greatly simplified (e.g. you are not having to check 1000's of versions of a "for" loop there is only the known "for loop" functions).

In my own upcoming open source project (hopefully to be launched before the end of the year) I have taken this concept a further step by combining both "functional" and "aspect oriented" programming with MDA ("model driven architecture") into a source code generating platform (so that manual source code is actually never written at all).

[MPOE-PR]

Totally concur. A service like that is sorely needed.

Unfortunately with the BTC community being what it is, it will likely end in people Dunning-Krugering themselves into believing they were qualified to offer the code review, messing that up, then failing to deliver on the insurance.

So another service level would be needed to review the reviewers, but that level bears the same problem.

This has already happened with the usagi/CPA thing to some degree. Obviously everything depends on the quality of the people involved. Much like all other BTC businesses.

I don't really see the connection to BTC here, this could be done with Paypal as well.

Non-BTC software is a worthless piece of crap, a point everyone knows and actively strives for. There exist some very limited applications where code is insured, and the costs involved are nothing on the level of Paypalness.

As suggested here.

The less that thing is involved in the better. Much like the Pope.

Yes this would be useful. The hardest part of implementing this would probably be finding employees capable enough to find all the holes. Also people would try and run inside jobs, breaking into their own code for the insurance payout.

Obviously once code is compromised that reviewer is fired, possibly in strong terms.

This severely underestimates complexity of code verification.

No. Your head would want it to, but it does not. Otherwise, unit testing is specifically mentioned, please read more, submit more, contradict me for the sake of contradicting me less. You're not quite clever enough.

Running software with no defects at all is likely impossible.

Stop repeating this sort of stupidity and instead show me your Knuth check.

This leaves us with Java (it has many flaws, but at least it isn't as bad as things mentioned above)

Java as implemented is possibly the worst piece of crap that ever saw the inside of a computer, being busted wide open on a regular, yearly basis at the very least. Anyone seriously proposing it be deployed for anything other than pranks is in desperate need of some meds.

One point that I'd like to make is that the programming paradigm very much affects the reliability of the code itself.

This is very true. As a good example I could easily see the Z specifying that "anything written in Java is unacceptable on the face and will not be reviewed".

so that manual source code is actually never written at all.

This has been tried for a while now, but it has its own pitfalls.

[CIYAM]

This has been tried for a while now, but it has its own pitfalls.

I don't think (from my own research) that anyone has gone as far with this idea as I have (apart from perhaps Charles Symonyi's "Intentional Software" platform ) but I will welcome criticism when I launch the project (the entire website will have 0% manually written source).

[meowmeowbrowncow]

This has been tried for a while now, but it has its own pitfalls.

I don't think (from my own research) that anyone has gone as far with this idea as I have (apart from perhaps Charles Symonyi's "Intentional Software" platform ) but I will welcome criticism when I launch the project (the entire website will have 0% manually written source).

Looking forward to it.  Should be interesting.

[2112]

… is a code review and insurance service.

Comments welcome.

This isn't only a surefire money maker. The (yet unpublished) Dunning-Kruger-Popescu halting insurance pricing model will revolutionize the computer science. The old chestnut of halting problem will forever join the phlogiston in the annals of obsolete science. In similarity to the Black-Scholes option pricining model the creators of it will receive either the Fields Medal or the Nobel Prize for their key contribution: instead of the old boolean decision halts/doesn't halt replace it with an insurance contract: keep paying premiums while program runs and receive one-time settlement when the program doesn't halt.

Where do I send money? I mean I need to order some of that great Romanian sparkling wine to stimulate my own creativity in this holiday season.

[killerstorm]

The problem with this idea is that most likely it will be run by assclowns who are totally detached from realities of commercial software development. I mean like MPOE-PR.

It's obvious that the plan is to blame everything on developers, making them scapegoats.

I wouldn't recommend any programmer who cares about his good name to join such insurance business.

So I guess only people who do not mind being paid to be scapegoats will work for you.

Good luck.

[killerstorm]

Functional programming (possible in C++ but perhaps best done in a language designed for it such as Haskell) changes things a lot in that by using extremely well tested and covered "functions" the unit test requirements are greatly simplified (e.g. you are not having to check 1000's of versions of a "for" loop there is only the known "for loop" functions).

Some pieces of code written in high-level programming languages can be formally verified. This doesn't mean that you can be sure that code does what you think it should do, but at least you can be sure that it won't fail in stupid and unpredictable way, so you can focus on high level logic.

However, there is a problem: proof is done on language semantics level, but problem can exist on compiler level, or on runtime library level. I guess verifying Haskell compiler would cost you a lot of $$$$$.

Then, program's correctness generally depends on OS correctness, and operating systems are typically implemented using rather messy C code.

So no one can be sure and no one can check everything.

But still, program written in Haskell, thoroughly verified and running on, say, OpenBSD is far less likely to fail than some piece of shit written in PHP and running on Ubuntu.

So if I read this correctly, there is now a demand for Bitcoin software written in type-safe functional languages? LOL.

[justusranvier]

How much of this article is still relevant?

http://www.fastcompany.com/28121/they-write-right-stuff

[adamstgBit]

my feeling is.

this is crazy no one is going to guarantee someone elsess code is 100% safe...
and what do you do when you come across what looks like bad code... you fix it? and guarantee your fix will not break anything anywhere else?
for any project that has more then 100 lines of code, this service wouldn't cost 100's of bitcoins but 1000's of bitcoin.

guaranteed code 

no way...

[Sukrim]

Also, if someone could audit code in a way to guarantee that it works as intended, this someone also could write a program for that...

What might be more interesting though would be to create unit tests for given pieces of code with 100% coverage. A platform where you post your code and get tests back to integrate in your test suite might already be something to verify against.

[MPOE-PR]

I don't think (from my own research) that anyone has gone as far with this idea as I have (apart from perhaps Charles Symonyi's "Intentional Software" platform ) but I will welcome criticism when I launch the project (the entire website will have 0% manually written source).

Certainly an interesting and valuable thing to try.

… is a code review and insurance service.

Comments welcome.

This isn't only a surefire money maker. The (yet unpublished) Dunning-Kruger-Popescu halting insurance pricing model will revolutionize the computer science. The old chestnut of halting problem will forever join the phlogiston in the annals of obsolete science. In similarity to the Black-Scholes option pricining model the creators of it will receive either the Fields Medal or the Nobel Prize for their key contribution: instead of the old boolean decision halts/doesn't halt replace it with an insurance contract: keep paying premiums while program runs and receive one-time settlement when the program doesn't halt.

Where do I send money? I mean I need to order some of that great Romanian sparkling wine to stimulate my own creativity in this holiday season.

You're such a hater. 

The problem with this idea is that most likely it will be run by assclowns who are totally detached from realities of commercial software development. I mean like MPOE-PR.

The only assclown in this discussion is you. Go away, you've made it plenty obvious already.

Who the fuck ever heard of PR running a project! The article itself states Mr. P is not interested in running it. What part of reading is too difficult for you?

this is crazy no one is going to guarantee someone elsess code is 100% safe...

Safe in the context of insurance and safe in the abstract way you think about it are different beasts.

and what do you do when you come across what looks like bad code... you fix it? and guarantee your fix will not break anything anywhere else?

You don't fix it, you make a note of the problem.

Also, if someone could audit code in a way to guarantee that it works as intended, this someone also could write a program for that...

No, they could not. AI is still an unsolved problem.

[Sukrim]

I wrote guarantee, not promise.

If I can guarantee that code X does Y and nothing else, I have mathematical proof. This can be done programmatically too.

Actually theoretically with a specification that's exact enough one can generate the code on the fly to fulfill that specification. On the other hand this just means that the problems shift from writing good implementations to exact specifications...
All in all the idea is nice and good, I think the risk from both sides is too high to make this work out in a useful way with humans and to audit code with computers we're still a far way away to really audit code.

[killerstorm]

Actually theoretically with a specification that's exact enough one can generate the code on the fly to fulfill that specification. On the other hand this just means that the problems shift from writing good implementations to exact specifications...

Yes, sufficiently complete specification IS code. And incomplete specification is incomplete code, apparently.

So in the end you always need human judgement, it's just that you can spare human a need to inspect boring and trivial parts.

All in all the idea is nice and good, I think the risk from both sides is too high to make this work out in a useful way with humans

If there is at least some inspection and there is some compensation for loss, it is already much better than nothing.

Financing development of more secure software would be a good thing.

The problem is that business types usually want to claim that service they offer is absolutely unbreakable and that they will cover all losses if shit happens. But all they want to spend on development is 100 BTC. LOL.

[MPOE-PR]

I wrote guarantee, not promise.

If I can guarantee that code X does Y and nothing else, I have mathematical proof. This can be done programmatically too.

Actually theoretically with a specification that's exact enough one can generate the code on the fly to fulfill that specification. On the other hand this just means that the problems shift from writing good implementations to exact specifications...
All in all the idea is nice and good, I think the risk from both sides is too high to make this work out in a useful way with humans and to audit code with computers we're still a far way away to really audit code.

Actually formal validation (and the possible move towards ISO27001/9001) was discussed there.

[2112]

There is a miscommunication going on here.

I'm pretty sure that killerstorm had mathematical formal verification in his mind.

http://en.wikipedia.org/wiki/Formal_verification

The ISO stuff mentioned by spyked is a bureaucratic formal verification of management processes, possibly in relation to information technology.

I think the best summary of the ISO certificates is with the old Russian joke: a certificate that you aren't a camel.

http://en.wikipedia.org/wiki/Russian_jokes