Sunday, August 31, 2008

Programming language design and security

I suspect quite a few programming language designers just don't care about the security of the languages and the systems built by them. Maybe I'm too pessimistic, but a recent experience brought me the idea.

I was an audience at an event called Lightweight Language Future yesterday in Nakano, Tokyo, Japan. I only attended the first two sessions. The second session was a panel discussion about the programming language 100 years later. While the discussion was technically intriguing, I heard not a word about security at all during the panel. Two of the panelists (names withheld because I don't want this article to be a personal attack to them) were the principal designers of popular lightweight languages, so I asked them in the Q&A session about how they would deal with the security issues which would become more serious in the future. One of the answers surprised me; the person told me that VMware would do.

I understand virtualization in various operating system layers, including VMware and FreeBSD jail, is surely a good hack to control the damage area in the whole system to run a public access system. I think it's not sufficient at all, however, to prevent future security incidents; if a programming language is potentially vulnerable to attacks, the systems built by the language will be also equally vulnerable.

I think programming language designers are not exempted from the responsibility of (at least trying to) making computer systems secure. If I could hear more constructive ways of solving the security problems in the answer from one of the panelists, such as:

  • protecting the language from the buffer-overflow bugs;
  • preventing the garbage collector from crashing even in a hostile environment where the external attackers try to deliberately manipulate the pointers or variables to hack into the protected memory area;
  • implementing a syntax or semantics validation system in the programming language so that the programmers can apply it to validate the external data, such as those from the network-connected users; or
  • preventing the race condition, deadlocks, or any sort of resource starvation by the intentional or unintentional programming;

then I would have been much more convinced. But now I should suspect that quite a few programming language designers just don't care about the security consequences of the features they build into the language.

I don't have a definitive answer to solve the issues of unsecure systems built from unsecure programming languages. All I can write now is that a security-aware programming language will surely help making a secure system. Note that security is not just about privacy and secrecy; it's also about the reliability and fault-tolerance.

Note on 4-SEP-2008: one of my friends later reviewed the panel recording and told me that it was not VMware but VM layer that the panelist answered to me. I still think solely relying on the VM layer is insufficient for building a security structure in a programming language, though.

Tuesday, August 19, 2008

About myself: 1965-2000

This self introduction is a reprint of an article once posted to my own website http://www.k2r.org/kenji/ as a part of my self introduction.


I was born in 1965. I grew up in a Japanese urban community in Setagaya-ku, Tokyo. The whole things changed in 1974 when my father decided to go to Boulder, CO, USA for a visiting professor job at Cooperative Institute for Research in Environmental Sciences of University of Colorado at Boulder.

For the first 6 months of my American life, I didn't speak English at all. We lived there for 15 months, so I was a lousy kid speaking broken English just before when we returned to Japan. I still think the life in the USA was the best of my times. I've never lived abroad since then. I've been keeping up my English proficiency by listening to and watching English-speaking broadcasts, and reading English Web articles.

After coming back to Tokyo, I found out myself I was fatally incompatible with and just way too outspoken than other kids around.The totalitarian and socialist society and elementary schools of Japan did not and still do not accept me. They told and still tell me that I was and I am so-called contaminated with individualism and American way of thoughts. So I had to make a difference to survive.

I didn't have much advantage from the other kids, except for hacking around the radio and audio devices, writing some code on the papers (no desktop PC existed in 1975 in Japan), playing around with electronic circuits, and having no fear for speaking English. I was just a geek. My father Tsuneji bought me a FORTRAN book and a shortwave radio in 1973, the slide rules and electronic calculators in 1974, and a bunch of math books. I learned them mostly by myself.

I went to Musashi high school, a private school well-known for the liberalism. Soon I became a programmer of Apple II in 1979. My programming experience was mostly on 6502 assembly language, 6K Integer Basic, and the GAME programming language. ASCII Magazine bought my GAME-APPLE compiler in 1980 and I earned about JPY200,000 by the sales.During that time I met a lot of talented hackers. Many of them are active in the Japanese Internet R&D scene.

In 1982, my right eye was badly damaged with the retina detachment so I had to stay away from computers. I started to make techno music instead of computer programs, using later well-known techno gears such as TB-303 and TR-909, until 1986. I loved making music, but I didn't feel I belonged to the music industry. I think I made the right decision,after discovering the whole mess of the ripping-off business models.

I went to University of Tokyo in 1984 and there I experienced the harshest part of Japanese career competition. I managed to be accepted by the faculty of Engineering to learn instrumentation physics. I later studied information engineering for my Master's degree. Life in the university was no fun; hanging around with real hackers and real systems were much better.

In 1985 after NTT finally opened up the phone lines to public, I discovered international computer networks and online systems. I soon became an e-mail and BBS junkie. In 1987, I started working with Jeffrey Shapard, who was running an English-speaking system called TWICS, for the VAX/VMS system administration, until 1989. During the TWICS days I met Joichi "Joi" Ito, an English-speaking multi-talented Japanese activist.

Many hackers went for UNIX, BSD, VAX and Sun in 1980s. I was also one of the root-privileged users of a packet-radio UNIX systems, learning vi and hacking with the code. Having an account on an UNIX system was a cool thing. What made my difference was that I ported the UUPC/Extended software package for NEC's PC-9801 computers. It was a version of UUCP software,which performed automatic file exchange and email address relay between computers. And I was a licensed radio amateur (as JJ1BDX since 1976), so I made some gateway software packages linking ham radio TCP/IP mail/NetNews systems and the UUCP-based systems.

In 1990, I joined Digital Equipment Corporation (DEC) Japan, to write the core software of VAX/VMS. During that period, I had a chance to exchange messages to many Internet gurus, including Paul Vixie, a DNS guru and Internet leading technologist, who was working for DEC then. It was really nice to learn the philosophy and principles of Internet from those hard-core hackers.

During my 2 years of Digital career, I was struggling with the corporate bureaucrats, and too many overworking and commuting hours which were eventually killing me. I met Kyoko in 1991, and we decided to get together and married. She told me she had a new job in Osaka from April 1992, so I decided to move to Osaka too. I was looking for an Internet job there, and Kazuo Hirono hired me for one of his research team at TDI Co., Ltd., a Japanese software service firm. We started to build a research lab in Kyoto and the lab was operational from 1993 to 2000, also as a part of WIDE Project Kyoto NOC (POP). Hirono-san taught me a lot of things, and he was very tolerate on my rather individualistic and outspoken communication style. (Hirono-san passed away on June 2007. RIP.)

(Originally written in March 2008)