Monday, August 11, 2014

NSA Partially Funded Code

Rolls All Programming Languages Into One

Hey, web developer dudes and dudettes: What's your favorite programming language? Is it CSS? Is it JavaScript? Is it PHP, HTML5, or something else? Why choose? A new programming language developed by researchers at Carnegie Mellon University is all of those and more—one of the world's first "polyglot" programming languages.
Sound cool? It is, except its development is partially funded by the National Security Agency, so let's look at it with a skeptical eye.
It's called Wyvern—named after a mythical dragon-like thing that only has two legs instead of four—and it's supposed to help programmers design apps and websites without having to rely on a whole bunch of different stylesheets and different amalgamations spread across different files:
"Web applications today are written as a poorly-coordinated mishmash of artifacts written in different languages, file formats, and technologies. For example, a web application may consist of JavaScript code on the client, HTML for structure, CSS for presentation, XML for AJAX-style communication, and a mixture of Java, plain text configuration files, and database software on the server," Jonathan Aldrich, the researcher developing the language, wrote. "This diversity increases the cost of developers learning these technologies. It also means that ensuring system-wide safety and security properties in this setting is difficult."
That system-wide safety and security properties bit is important, and perhaps might explain why the project is backed by the NSA.
See, beyond all its standard spying and data collection, the NSA also has to protect its own systems from hackers, and, ostensibly has some sort of obligation to help American companies do the same. By confining everything you need for a web app or a mobile app or a webpage in one place, it'd theoretically be easier to lock it down, as Aldrich explained.
He also notes that it's "designed to help developers be highly productive when writing high-assurance applications."
A "high-assurance application" is code for "one you really don't want to screw up." It's usually used to refer to military code and applications that the armed forces uses for communications, missile systems, radar, medical devices, and that sort of thing.
I could be totally wrong—the NSA does fund all sorts of things in all sorts of fields, and it may have other plans for it. But security seems the most obvious, at this point.
In any case, Aldrich says that Wyvern can automatically tell what language a person is programming in, based solely on the type of data that's being manipulated. That means that if the language detects you're editing a database, for instance, it'll automatically assume you're using SQL.
The language is working in a prototype mode at the moment, and, as with most new programmery stuff these days, it's all open source, so you can see how it works exactly over at GitHub. Please let us know if you can think of other reasons why the NSA might be interested in its development.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.