> To get REALLY back to the point, I'd like to comment on Fabien's comment
> that "In my opinion, it's the most important things for a languages,
> something to easily validate user input or to encrypt password are a must
> have."  Fabien is right, but increasingly that's only half the problem.
> There also needs to be something in the libraries for the language to
> securely store data that can't be one-way hashed, as are (inbound)
> passwords.  For example, if I need to store the password my application
> needs to authenticate to a database, or other critical data, it would be
> nice to have that built into the language libraries, instead of having to
> build it myself.  It would certainly reduce the number of programmers who
> build such storage mechanisms themselves, and insecurely at that.

I'm really glad to see this point raised.  I really have very little
interest in the "which language" debate, because most of the software I see
depends so heavily on *libraries*.  The real genius of Java in my opinion is
that they slapped a standard API on top of just about everything (graphics,
databases, networking, phone systems, microplatforms, crypto, and much
more). Some other languages have also been successful here in a somewhat
less standardized way.

But just slapping an API on something is not the same as making it easy to
use securely. Java's JCE is a perfect case in point - they encrypted the API
itself! ;-) To me, it's far more important that the libraries are easy to
use securely than language syntax stuff. So how do we encourage library
writers to write APIs that are easy to use securely?

I'd like to see libraries that force the developer to explicitly do
something special if they want to get around the default secure way of doing
things.  It's not enough to just include a bunch of security features into
the libraries.  I've seen far too many libraries that expose a very powerful
API and make it too easy for a developer to make security mistakes.

Does anyone have pointers to articles on designing APIs so that they are
easy to use securely?

--Jeff

Jeff Williams
Aspect Security
http://www.aspectsecurity.com
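As an added illustration of the two points above (a library that is secure by default unless the developer deliberately steps outside it, and a place to keep a credential such as a database password that cannot be one-way hashed), here is a small Java wrapper over the JCE. This is example code written for this page, not code from Aspect Security, the JCE, or anyone on the thread; the `SealedSecret` class and its method names are assumptions. The contrast it draws is real: the raw JCE accepts `Cipher.getInstance("AES")`, which in the standard provider silently means AES in ECB mode, whereas this wrapper exposes only AES/GCM with a fresh random nonce and a full-length authentication tag, and offers no overload for choosing anything weaker.

```java
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/**
 * Hypothetical "secure by default" wrapper around javax.crypto, written for
 * this discussion. The only transformation a caller can reach is AES/GCM;
 * there is no parameter for picking a mode, a padding, a key size, or a
 * nonce, so the common mistakes simply have no API surface. A developer who
 * genuinely needs something else must explicitly drop down to the raw
 * Cipher API, which is the "do something special" step.
 */
public final class SealedSecret {
    private static final String TRANSFORMATION = "AES/GCM/NoPadding";
    private static final int NONCE_BYTES = 12;   // 96-bit nonce, the recommended GCM size
    private static final int TAG_BITS = 128;     // full-length authentication tag
    private static final SecureRandom RNG = new SecureRandom();

    private SealedSecret() {}

    /** Generates a 256-bit AES key; the caller never chooses a size. */
    public static SecretKey newKey() throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        return kg.generateKey();
    }

    /**
     * Encrypts and authenticates plaintext. Output layout is
     * nonce || ciphertext || tag (GCM appends the tag to the ciphertext).
     * The optional context is bound in as associated data so a blob sealed
     * for one purpose cannot be replayed as another.
     */
    public static byte[] seal(SecretKey key, byte[] plaintext, byte[] context)
            throws GeneralSecurityException {
        byte[] nonce = new byte[NONCE_BYTES];
        RNG.nextBytes(nonce);                    // fresh per message; never reused under one key
        Cipher c = Cipher.getInstance(TRANSFORMATION);
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, nonce));
        if (context != null) c.updateAAD(context);
        byte[] ct = c.doFinal(plaintext);
        return ByteBuffer.allocate(nonce.length + ct.length).put(nonce).put(ct).array();
    }

    /** Decrypts; any modification of nonce, ciphertext or tag throws. There is no "skip the check" flag. */
    public static byte[] open(SecretKey key, byte[] sealed, byte[] context)
            throws GeneralSecurityException {
        if (sealed.length < NONCE_BYTES + TAG_BITS / 8) {
            throw new GeneralSecurityException("sealed blob too short");
        }
        ByteBuffer buf = ByteBuffer.wrap(sealed);
        byte[] nonce = new byte[NONCE_BYTES];
        buf.get(nonce);
        byte[] ct = new byte[buf.remaining()];
        buf.get(ct);
        Cipher c = Cipher.getInstance(TRANSFORMATION);
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, nonce));
        if (context != null) c.updateAAD(context);
        return c.doFinal(ct);                    // throws AEADBadTagException on tampering
    }

    public static void main(String[] args) throws Exception {
        SecretKey key = newKey();
        // Constructed sample: an application's database password and a label for it.
        byte[] ctx = "db-password:v1".getBytes("UTF-8");
        byte[] blob = seal(key, "correct horse battery staple".getBytes("UTF-8"), ctx);
        System.out.println("round trip: " + new String(open(key, blob, ctx), "UTF-8"));

        blob[blob.length - 1] ^= 1;              // flip one bit of the tag
        try {
            open(key, blob, ctx);
            System.out.println("BUG: tampered blob was accepted");
        } catch (GeneralSecurityException e) {
            System.out.println("tampering rejected: " + e.getClass().getSimpleName());
        }
    }
}
```

Compile and run with `javac SealedSecret.java && java SealedSecret`; the first line prints the recovered password and the second reports the rejected tampering. Two caveats a practitioner would raise: the wrapper solves the format of the stored secret, not where the key lives (the key itself still belongs in a keystore, OS credential store, or key-management service, never beside the blob), and very old JDKs (before 8u161) need the unlimited-strength policy files for 256-bit AES.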