[langsec-discuss] DHS langsec

Robert Graham robert_david_graham at yahoo.com
Fri Jul 31 03:14:21 UTC 2015


Uh, Peter Neumann is a professional patent troll. If he likes your idea, SRI will patent it and sue you 5 years later over it. I mention this from personal experience -- if IBM hadn't bought out my patents, I'd still be in litigation with SRI.



--------------------------------------------
On Wed, 7/29/15, daniel <daniel.bilar at gmail.com> wrote:

 Subject: Re: [langsec-discuss] DHS langsec
 To: langsec-discuss at mail.langsec.org
 Date: Wednesday, July 29, 2015, 1:20 PM
 
 Hi
 people
 We
 got some unexpected lift for the LANGSEC idea pushing from
 Peter Neumann (he’s a heavy weight on computer risk, at
 SRI/Cambridge U). Just passing it along
 Comment
 by Peter G. Neumann07/21/2015This
 seems to be a very valuable approach. Choosing programming
 languages that can eliminate many of the most common
 programming errors is highly desirable; starkly constraining
 the use of existing programmers, precompilers, and other
 such approaches are also feasible. However, several other
 problems remain that need to be considered. If you cannot
 trust the hardware or if compilers have been trojaned,
 serious vulnerabilities can remain. As another (albeit
 somewhat clean-slate) approach, we (SRI and the University
 of Cambridge) have spent the past five years designing
 hardware that inherently eliminates many of the programming
 problems, and have modified LLVM-based compilers to
 understand the hardware instruction set. See
 http://www.csl.sri.com/neumann/2015oak.pdf
 On Jun 29, 2015, at 8:11 PM, daniel
 <daniel.bilar at gmail.com>
 wrote:
 Hi people
 I
 hope this note finds you well. The US DHS is asking the comp
 sec community for input also on cyber security projects/idea
 to prioritize R&D funding (everyone, also anonymous) http://scitech.ideascale.com/
 If
 you go to “A Trusted Cyber Future”, you’ll see Michael
 Locasto's "(Re)Engineering Critical Information
 Infrastructure Software Using Language-Theoretic
 Security (LangSec) Principles” suggestion.
 It
 would be useful to langsec progress if people registered
 (anon possible, non-US also) upvote the proposal and maybe
 leave a comment. As you will see, few people take the time
 to do this, so a couple of upvotes may make all the
 difference
 ThanksDaniel
 
 
 
 
 
 
 
 --------------------------Daniel
 Bilar www.tinyurl.com/daniel-bilar at daniel_bilar307 509 0452
 
 
 
 
 
 
 
 -----Inline Attachment Follows-----
 
 _______________________________________________
 langsec-discuss mailing list
 langsec-discuss at mail.langsec.org
 https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
 


More information about the langsec-discuss mailing list