Re: [Vrs-development] VRS development language

[Seth Johnson]

There are a lot of people who won't buy into this idea of
security/safety (in general, the equating of security with
virtualization), until a clear distinction is made between
security/safety and content control.

Until then, people should be allowed to shoot themselves in
the foot.

Bill Gates' "internal" email emphasizing security went out
nearly the same day that Representative Boucher endorsed the
National Academy of Sciences' "Cybersecurity"
recommendations (authored by a committee that included
Microsoft).  The only part of those recommendations that
made the press was the part that said to hold software
vendors liable for security deficiencies.  The general spin
was that the idea would be a way to "get Microsoft," which
is laughable.

However, the rest of the recommendations include language
very compatible with Senator Hollings' idea of building
content control into logic devices.  Also note Microsoft's
recently revealed patent on a digital "rights management"
operating system.  In addition, Microsoft's current WSDL
work is basically creating a messaging architecture for the
Internet, in a move clearly analogous to the way they
fomented Windows -- emphasizing OOP and the technical
advantages of a messaging kernel while not revealing the
complete set of messages built in.

Seth Johnson

Eric Altendorf wrote:
> 
> These are also good points.  However, I was not actually
> talking about safety in terms of isolation of processes
> from the rest of the system.  That isolation may or may
> not exist depending on the VM, the underlying operating
> system, etc.
> 
> I was talking about the safety of the language in terms
> of the language's restrictions to keep you from shooting
> yourself in the foot.  This includes type safety, memory
> allocation safety, pointer safety, etc.  For example, in
> Java, there are no pointers so you cannot access or
> modify arbitrary areas of memory.  You don't have to
> explicitly free memory, so memory leaks are rare.
> Buffer overrun bugs are virtually nonexistant.  The main
> point is that using a safe language like Java or C#
> leads to much fewer bugs, and faster and easier
> development.  This is the point I wanted to make.
> 
> However, I'm glad you brought up the issue of safety in
> terms of security.  Most security problems are due to
> bugs in the software, and the fewer bugs the software
> has, the more secure it will likely be.  In particular,
> buffer overrun bugs, one of the most common security
> flaws, generally just can't happen in Java or C#.
> 
> I recently looked at the security book that has been
> assigned to virtually everyone at Microsoft in their
> recent 2-month frantic security push (I assume you've
> heard about that).  That book extols C# for making
> obsolete many of the kinds of bugs that resulted in
> security flaws in the past....
> 
> Interestingly, one of the big differences between C# and
> Java is that Java completely eliminates pointers.  In
> C#, you can still declare blocks of "unsafe code" which
> use pointers.  If you never declare such blocks, you're
> safe, but the option is always there.  This may be a
> good or bad thing depending on the kind of software
> you're writing.

-- 

[CC] Counter-copyright:
http://cyber.law.harvard.edu/cc/cc.html