 It's been a while since I've had GPS up in really any capacity. It's been a while since I've done anything with Aida. But I want to show something that I think a lot more people should be aware of, especially since the community at large seems to ignore this, even though it's something that I reported almost 12 years ago and something could have been done about it. Aida is touted as a highly reliable and highly secure language that it was meticulously crafted to be suitable for systems where failures are not acceptable. It's not. It's not even close. I'm not the hacking kind of person. I don't really know how it works. I can watch videos of speed of video game glitches, especially the speed runs, which I have it all over the place. I'm just like, oh, you guys find this stuff. It's fascinating, but I don't. Man, I can log 400 hours into a game and not see a single bug. I just, I don't know, I found out about both of the things I am going to be showing when I was 17. I had reported them both when I was 17. One of them, I got told I was horribly misunderstanding things and that Aida's approach was actually the best approach. Now, we know it's not. The community overall is well aware of the problem that Aida's approach in this one thing has, so it took the wrong one. And rather than modify it slightly in a future revision, they just chose to stay exactly the same for backwards compatibility, which means Aida's really much more of a language for backwards compatibility than it is for highly reliable software. But the other one, they didn't say I was misunderstanding things. They were saying it shouldn't be changed, that it's not really a problem and that you need to keep things compatible. But that's business doublespeak. If you don't need to change things, if it's not a problem, then you wouldn't change anything. You're not going to adjust the language itself for something that isn't a problem, but you're also saying you're not going to adjust the language because you need to keep backwards compatibility, which means it is a problem and you're choosing not to. I'm well aware of how business doublespeak works. Don't pull that. You're advocating your software things where people's lives are actually at stake and you're pulling business doublespeak that puts reliability below other things. Let's get into this. What I'm setting up here is just a very small example library. I'm doing this to show that you don't actually need the sources as part of your project, that as long as you have the library installed, so you can pull this off with third-party libraries, that you can get access to stuff that's been declared in them privately. All this is a color type which has an enumeration of some basic colors, as well as an object type, which I'm clearly not being creative about naming here. The object type is publicly exposed but privately declared, so this field is not publicly accessible. You can only accept modify this in really anything that has private viewability of this. Because of that, because we cannot use a record aggregate, we have to use a constructor function. You can see it just takes the color and returns the object. Because I need something to show this off, I have a very contrived example where it just does, you know, put byitis convention that's right to the console, the color inside of the object. And you can see I have this partially incomplete for right now because I want to show you guys that an error in fact does happen, but also kind of the problem with it. We have the constructor function and like I said it just it's a wrapper around the aggregate since we can't actually write this ourselves in code that's consuming this. And then we have this. Now this is incomplete. I haven't handled all of the cases and if we go and build all, you can see oh I forgot I tweaked the name of this a little bit. So you can see that it's complaining about the case that we hadn't put in there. So you can make that go away, buy, and now you've handled all of the cases. So what's wrong with this? Well here's where you're really introduced to the first part about how Ada makes you feel good about your code but really isn't protecting it. This is that thing I was talking about with how the programming community at large knows what's wrong with this but Ada tells you it's fine and Ada's compilers are really strict and the language is remarkably well defined and was meticulously crafted so surely they notice what's wrong with this. I mean it doesn't look like anything's wrong with this. Right? Let's trust the compiler here just so that I can show how the language gets this wrong. We're basically done here now that this is built. I just want to remind you guys again that while this type is visible this field is privately declared so anything consuming this will not be able to see this. Okay? We've got this built now I need to install it and I'm using gps just so that I have easy access to gprs and uh that means I'm going to be doing this so that should be installed and just because I'm so used to these tools breaking uh nope it did manage to install it so we are good. Now I'm going to switch over to my other project and I've been calling this abuse because that's pretty much what I'm doing. I'm abusing the language. Um oh I do need to change this just to show off uh something that is part of the reason why people wind up having too much confidence and I think that it really protects you when it's not. Okay so I decided to just add another package and we can just reference it um it's not going to build this way anyways because this is what people normally try to do but we're just going to add a procedure called violate and the idea is that it's going to violate the supposed protections that Ida has and we're going to work on and I rename that so we just need to do this object type and I'll need to change that here. So what we'd like to do is a view overlay to mess with the um enumeration and these are actually ridiculously easy to set up. We want to overlay the integer and the object's color but you can see that I'm not it's not working um this isn't an issue right now with the code that I'm setting up this is an issue with gps and gps isn't the one that isn't working so let's try doing this we're gonna just no that's fine that's fine uh so let's just try building this because I think it's an issue of it not having the cross references that it's supposed to have uh object type let's try building that again okay perfect so we need to with example and use example and now still not getting anything address use object okay well either way uh if you were to go in and reference this you can see that the because the specs have to be distributed regardless and you can see here in the spec because the private part of the specification is still has to be published but you could see that there is a field called color so let's just try to access that regardless and we want to say that it's overlaid onto the same address so that if we do this we'll set both of them at the same time and sure enough it says that there's no color uh no selector for color uh for the private uh type object type and I mean technically there is I seem to certain modern languages give a much better error message uh here but this is it really isn't incorrect because there's no publicly visible selector color so that's fine that's that's fine you really don't benefit at all by it saying that oh well that selector is only private like this is fine as a result of that people will think that oh well it's it's got you covered it's making sure that you can't access that because you declared it as private wrong the way around it is to access that as a child and I need to change these as well should have done before I started but you can see that we're not doing anything that we didn't do before this is literally the exact same code the only exception is that it is a child package of the one that we're trying to to mess with and this built that's already not a good sign um I can show this as well you can see our gps isn't going to do its thing let's try no I guess I'm just not getting any cross-reference information for anything that's that's lovely okay so assuming this was working properly gps was working properly uh it would have an intelligents pop up for color because it can now see that field is there this built so let's run this now right now we're not doing anything manipulative we're not calling the violate procedure we're just you know initializing the object with the red color and putting to the console now this should say I'm red and sure enough we get I'm red good now naively 42 is obviously not one of the enumeration members you might think that this is working by I don't know not actually putting things on the same exact address but that's literally all we're doing here is we're saying in view is 42 we are not touching object color we are not reassigning that at all not obviously anyways there's that's why this is called a view overlay you're viewing an address as another type which does allow you to write as another type and it's clearly not hard to set up um so that's all we're doing is we're saying in view is 42 that's it and it already said our library was all good boom we just threw an exception because this isn't good this isn't good at all you see what we pulled off is well actually numerous things a violation of the open close principle in that uh when you're doing good object oriented programming you should not be able to modify the type at the very least it should be validated when modifying and it has no way at all to validate itself with what I did to it uh normally the approach that object oriented languages take at least ones that have developed with the times and have kept current on good computer science principles they deal with this through patterns or not patterns I've got my mind elsewhere through um properties the idea being that when you set the property you will potentially do some validation you can have validation logic inside of that so it's it looks like it's a value a field rather you're going to sign it a value just like it's a field but it does that validation that's really useful and it doesn't do that you can use the sort of pattern the the property pattern that java uses but it really should integrate that as the first part of the language it's a safety thing and you're a language which claims to care very much about safety of code and good reliable software and another thing is that what i'm talking about with the case statements and how we violated the enumeration what the community at large has realized is that your compilers really should check to make sure that all um all declared values are handled but also that there is a default case so not that all valid values are handled and then that's the end of it but that all possible values are handled and it doesn't do that it only checks that all valid values are handled and so we just introduced an exception to code that really should never throw an exception with barely any lines of code it's done that's not good finally the i would say just really glaring problem here that allows basically all of this to happen is that it is accessibility modifiers are basically non-existent and are severely limited in the way that they are implemented everything is just either public or private and it's not private in the way that basically every other language thinks of private it's not private it's i can't be publicly viewed but i can be viewed from inside of my package and inside of all child packages now there are uses for that i think maybe what you probably want to do is like a variation of internal where it's well exactly that where it's viewable inside your own package and inside child packages but not beyond that point maybe even better yet is the true internal where it's visible from inside your assembly inside your library in this case but not outside of that there's no concept of protected either and that introduces quite a few problems in fact the private happens to be both protected and internal as they're normally thought of and is about as far away from private as you could get without actually being fully public it's really bad and a lot of these things build up to make you think that your software is a lot more reliable than it really is now there are more problems i'll save those for another time uh i'm gonna get some flak for this video so that should be fun if there's enough of it i'll do a hate comment reading but until the next video have a good one