[Cryptography] UK "HCSEC" UK-cleared engineers try to prove Huawei gear secure

jamesd at echeque.com jamesd at echeque.com
Sat Feb 22 23:17:56 EST 2020


On 2020-02-20 5:46 pm, John Gilmore wrote:
> A recent inflammatory Washington Examiner article pointed me at this
> report:
> 
>    https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/790270/HCSEC_OversightBoardReport-2019.pdf

This report looks to me like a report on the typical product of Chinese
software engineering and of non-engineers supervising engineers: copy
and paste instead of following the DRY principle.

If you use copy and paste to implement a hundred features each with 
almost, but not quite, the same copypasta code, then if your boss is 
measuring your productivity in kilolines of code, your copypasta code 
production becomes insanely high.

And if he is measuring your productivity in bug fixes, you will 
encounter a thousand bugs in a hundred features implemented by copypasta 
code, each caused by almost the same code, or the exact same code, and 
you will wind up fixing each supposedly separate bug separately, but 
after the third or fourth variant of what is the same or almost the same 
bug, your bug fix productivity becomes insanely high.

If you are following the DRY principle you will wind up metaprogramming,
what C++ programmers call template metacode, and Lisp programmers
confusingly call macros, or using metaprogrammed program transformation
tools as the sqlite3 project does to generate enormous files of plain
vanilla C. Joe Random dumb interchangeable programmer cannot
metaprogram, and Joe Random pointy-haired boss does not know the
difference between an engineer who can, and an engineer who cannot.

Copypasta in big projects is a big problem throughout the industry, but 
tends to be even worse in China, and worse with Chinese engineering teams.

Because there is so much copypasta code, most of it never gets tested in 
the unit test.  The number of potential bugs is astronomically large, so 
some bugs are bound to get into the release.

