Comment by TomaszZielinski
3 years ago
The world is such a small place--I open HN and read a movie-grade story about trains that I took many times. In fact, it's even possible I was going by one of those grounded trains..
In any case, either there was no code review, or the reviewers accepted that for one reason or another. Not sure which case is more scary..
Code review by a _third party_? Does that usually happen?
It's clear this was intended by the manufacturer of the trains, who directed the writing of the code, it's not like a hacker put this in without their manager knowing, right?
What kind of code review are you thinking of by whom?
[Wait, reading other comments, I'm thinking HN switched the article at the top, and some of these comments were written when the article at the top had much less information? That may explain why these comments are so confusing!]
In aerospace it definitely does happen. For example, NASA, as a customer, has the right to independently review flight software implemented by contractors.
I can neither confirm nor deny that independent review of software, especially of components involved in chain-of-trust and firmware loading, also happens for some of the largest-scale communication devices available on the global market, as required by multiple governments before allowing heads of state and other critically important persons to use them unmodified. ;-)
I have no idea how software for trains is (or should be) created.
So I meant a regular code review you would do for anything else.
I can see two scenarios at play:
1. either it's "free for all" and someone (anyone?) can put arbitrary shady stuff in the code
2. or there's a process for adding shady stuff to the codebase (some "stakeholder" creates a ticket, someone creates a PR, and then it's reviewed, etc.)
OK, I think someone's manager _told_ them to add this to the codebase. After the manager's boss told _them_ to make it so. And then it maybe got code reviewed, sure, and the code reviewer confirmed that it was bug-free and did what was intended. It is doing what the manufacturer wanted it to do.
I'm wondering if you read the same posts at the top, or if maybe HN has switched the link since you read it and commented? Or if you just reached different conclusions!
My conclusion was that it doesn't appear there is any reason to think this was a "rogue" employee. What motivation would they have to do this? The motivation belonged to the train company that made the trains and owned the software, the company did it on purpose to try and make other repair facilities look bad and make their train repair facilities look like a better value.
I'm surprised that you seem to be considering that, maybe, like a programmer just put this in there without being told to. For fun? Just out of their own individual motivation to secretly help the company's profits?
A day has passed and today my comments about code reviews don't really make sense to me anymore. I think I lost the forest for the trees :).
So now it makes perfect sense to me that you thought it was about a 3rd party review, or about a rogue developer.
That should be a basic requirement for any purchase where public funds are involved in any manner. If something is not open source then third party audit should be a bare minimum.
I’m sure it was the work of a rogue engineer.
Oh, I bet that code was well reviewed and put through some serious testing. You can guess that from the presence of the geofence with additional trigger condition ;)