We are trying to investigate this experimentally, but it’s hard: https://www.nsa.gov/research/tnw/tnw211/articles/pdfs/TNW_21-1_2015_Article5.pdf <https://www.nsa.gov/research/tnw/tnw211/articles/pdfs/TNW_21-1_2015_Article5.pdf> https://www.usenix.org/system/files/conference/cset15/cset15-ruef.pdf <https://www.usenix.org/system/files/conference/cset15/cset15-ruef.pdf>
> On Jan 12, 2016, at 11:39 AM, Will Sargent <will.sarg...@gmail.com> wrote: > > > Which thing? There’s a big chain in there: > > That they’ve written secure code, > that it can be abstracted into general principles, > that it can be turned into a reusable framework, > that it can be made easier than trying to work around it, > that programmers will ever use it, > that programmers will ever write secure code even given a framework… > > Wil. > > -----Original Message----- > From: Dan Kaminsky <d...@doxpara.com> <mailto:d...@doxpara.com> > Reply: Dan Kaminsky <d...@doxpara.com> <mailto:d...@doxpara.com> > Date: January 11, 2016 at 10:35:19 PM > To: Will Sargent <will.sarg...@gmail.com> <mailto:will.sarg...@gmail.com> > CC: Rik Farrow <r...@rikfarrow.com> <mailto:r...@rikfarrow.com>, langsec > <langsec-discuss@mail.langsec.org> <mailto:langsec-discuss@mail.langsec.org> > Subject: Re: [langsec-discuss] composability > > > A thing we need to experimentally investigate, which pointedly, we are not. > > > > On Mon, Jan 11, 2016 at 10:33 PM, Will Sargent > > wrote: > > > > > > > > On Mon, Jan 11, 2016 at 3:00 PM, Rik Farrow wrote: > > > > > >> Funny. I had just written a column about why programmers cannot write > > >> secure code: > > >> > > >> https://www.usenix.org/publications/login/dec15/farrow > > >> > > >> I used Venema and Bernstein as examples of the rare programmers who have > > >> written secure code. And they make extensive use of simple modules, each > > >> running with the minimal amount of privileges needed. > > >> > > > > > > I read the article, but I'm really very happy that there are two > > > programmers who have written secure code, and they're using the same > > > general principles. That means the principles can be taught, and you can > > > make a general framework out of those. Make writing small sandboxed > > > modules the easiest way to write code, and programmers will write secure > > > code. > > > > > > Will. > > > > > > > > > _______________________________________________ > > > langsec-discuss mailing list > > > langsec-discuss@mail.langsec.org > > > https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss > > > > > > > > > _______________________________________________ > langsec-discuss mailing list > langsec-discuss@mail.langsec.org > https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
_______________________________________________ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
