Slashdot Mirror


New Programming Language Weaves Security Into Code

Ponca City writes "Until now, computer security has been reactive. 'Our defenses improve only after they have been successfully penetrated,' says security expert Fred Schneider. But now Dr. Dobb's reports that researchers at Cornell are developing a programming platform called 'Fabric,' an extension to the Java language that builds security into a program as it is written. Fabric is designed to create secure systems for distributed computing, where many interconnected nodes — not all of them necessarily trustworthy — are involved, as in systems that move money around or maintain medical records. Everything in Fabric is an 'object' labeled with a set of policies on how and by whom data can be accessed and what operations can be performed on it. Even blocks of program code have built-in policies about when and where they can be run. The compiler enforces the security policies and will not allow the programmer to write insecure code (PDF). The initial release of Fabric is now available at the Cornell website."

6 of 216 comments (clear)

  1. Re:beat this by Anonymous Coward · · Score: -1, Troll

    otogay 10

    your code is gay

  2. Re:Tall statement by recoiledsnake · · Score: -1, Troll

    Yes, and it does not prevent burglary either. If you mess up the transport & application protocol you are in trouble, but what has that to do with secure *programming*? Christ, I bet you can make programs with it that display your password in 10 feet high numbers as well (given a large enough monitor).

    If you read the title and summary, it talks about security, not secure programming.

    --
    This space for rent.
  3. ho80 by Anonymous Coward · · Score: -1, Troll

    channel #gNAA On downward spiral.

  4. Re:Instead of a new language... by BlackSnake112 · · Score: 0, Troll

    Ada was not an OO language at first. The compiler wanted to know everything at compile time. Which is why Ada if it compiled successfully, the program often ran. You may have not gotten the result you wanted, but the program ran without error. When Ada switched to OO it screwed a lot of things up. Why do you think the air traffic control systems took so long? The OO Ada was saying yes you can land your plane in the middle of a hurricane and 5 tornados. I knew some people working on the new control tower software. That was a serious problem.

  5. Re:beat this by Anonymous Coward · · Score: -1, Troll

    My mom fucks your mom in the ass with her strappy strap

  6. YAD ( Yet Another Dissertation ) by FlyingGuy · · Score: 0, Troll

    It simply boggles the mind that some well intentioned, but woefully misguided Ph.D candidate gets the idea of his or her dissertation published as a usable program / Language Extension.

    When will they learn that no amount of crap (This code) piled on top of crap ( Java interpreter ) piled on top of crap ( JVM ) piled on top of crap ( O/S ) piled on top of crap ( exploitable microcode) that the exploits are reflected all the way back to the top of the heap of crap and no matter how you dress it it is still a huge heap of crap!

    --
    Hey KID! Yeah you, get the fuck off my lawn!