
NSA Open Sources Tokeneer Research Project

An anonymous reader writes to mention that the Tokeneer research project has been released to the open source community by the US National Security Agency. The main goal of this project was to show how highly secure software can be developed cost-effectively. "Tokeneer has been written in SPARK Ada, a high level programming language designed for high-assurance applications. Originally a subset of the Ada language, it is designed in such a way that all SPARK programs are legal Ada programs. Ada is the natural choice for mission-critical, high-integrity systems due to its combination of flexibility, reliability and ease of use, and SPARK further adds a static verification toolset that combines depth, soundness, efficiency and formal guarantees."

  • by Wulfstan ( 180404 ) on Monday October 06, 2008 @05:19PM (#25277675)

    ...because although Tokeneer has been released as open source the SPARK toolchain is owned by a company and the specification for SPARK is fully controlled by them. Has money changed hands somewhere?

  • Useless (Score:4, Insightful)

    by bluefoxlucid ( 723572 ) on Monday October 06, 2008 @05:24PM (#25277735) Homepage Journal
    Java is also the perfect high security language, because you can't make security holes with it. Same with C#. Same with VB.NET. We've heard this again and again from people who simply don't understand the problem.
  • Very poor summary (Score:5, Insightful)

    by mihalis ( 28146 ) on Monday October 06, 2008 @05:38PM (#25277871) Homepage

    What is being released is a small sub-component of the Tokeneer called the TIS ("Tokeneer ID Station") which reads biometric info about a user and if it matches signs a token so that the user can be authenticated to other components on the workstation. It's potentially an interesting little nugget of code, but not something I expect the open source community to get very excited about.

    As for the existing comments on this story, I agree this is a bit like a sales pitch (and I used to work in Ada myself). Note that it's Ada not ADA (it's named after Ada Byron, Countess of Lovelace).

  • Re:Useless (Score:4, Insightful)

    by Talennor ( 612270 ) on Monday October 06, 2008 @05:40PM (#25277893) Journal

    Don't say I can't make security holes in Java.

    I can make security holes in whatever language I want! Really.

  • Re:Useless (Score:4, Insightful)

    by ushering05401 ( 1086795 ) on Monday October 06, 2008 @05:41PM (#25277897) Journal

    The final line of GP's comment indicates a sarcastic tone was intended. I doubt GP is suggesting that it is not possible to open a security hole with a VB.NET program.

  • Re:Useless (Score:5, Insightful)

    by kbielefe ( 606566 ) <karl.bielefeldt@gma[ ]com ['il.' in gap]> on Monday October 06, 2008 @06:00PM (#25278099)
    Until you've seen in real life a compiler error telling you that you accidentally tried to add a variable holding a distance in meters to one with a distance in feet, you don't know what you're talking about. Although people can find a way to break any language, some programming languages indeed are much more resistant to bugs than others.
  • Re:ADA propaganda? (Score:5, Insightful)

    by erroneus ( 253617 ) on Monday October 06, 2008 @06:07PM (#25278197) Homepage

    I don't know one way or the other, but one thing is certain -- anything the tax payers pay for should be owned by the taxpayers and controlled by taxpayers as far as can be deemed appropriate. (So, government buildings cannot be used by the homeless to sleep in!) But something as easy to share as software should definitely be owned by and made available to the people.

    I wonder what it would take to get that written into law?

  • Re:Useless (Score:4, Insightful)

    by Lost Engineer ( 459920 ) on Monday October 06, 2008 @06:42PM (#25278549)
    Any language with type checking could do that. Ada's selling point is that it's easy to make static analysis tools for it because you can't do certain things that make static analysis hard. That could actually be said about a lot of "academic" languages as well, but Ada caught on in certain niches a long time ago and so continues to be used.
  • Re:Useless (Score:4, Insightful)

    by Yvanhoe ( 564877 ) on Monday October 06, 2008 @06:53PM (#25278651) Journal
    Buffer overflows are not the only security errors out there, you know. Yet it is the only one that the languages you quote prevent.
  • Re:ADA propaganda? (Score:4, Insightful)

    by IP_Troll ( 1097511 ) on Monday October 06, 2008 @11:50PM (#25280859)
    Copyright (2003) United States Government, as represented by the Director, National Security Agency. All rights reserved.

    The copyright notice says All Rights Reserved which means, the NSA claims to have all the rights and the contractor has none.

    The NSA contract isn't here to scrutinize so what ifs about "who really owns the code" are shots in the dark. Relying on the NSA's claim of ownership is a defense to copyright infringement. Everybody here can develop using the code without worrying about legitimate third party copyright infringement claims.

    The fact that the public is able to download the software means the public has access to this software and it is not classified or FOUO.

    So, everyone can safely conclude that they are allowed to develop using this code.

    I don't mean to be argumentative, the parent post just didn't have a conclusion.
  • Re:Useless (Score:2, Insightful)

    by GXTi ( 635121 ) <gxti@partiallystapled.com> on Monday October 06, 2008 @11:57PM (#25280901) Homepage
    The problem is, as always, with the humans: when was the last time you saw an actual application that used instances for scalar dimensions? I've never seen one, because the laziest (and therefore most productive) thing to do is to use a bare integer and just agree on what unit system to use.
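
The unit-mismatch compile error that kbielefe's comment describes, next to the bare-number convention from GXTi's reply, as an added Ada example that is not part of the thread or of the Tokeneer sources. All names and values are hypothetical and constructed for illustration.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Units_Demo is
   --  Hypothetical names and constructed values throughout.

   --  Distinct derived types: each inherits Float's operators, but only
   --  for operands of its own type.
   type Meters is new Float;
   type Feet   is new Float;

   Feet_To_Meters : constant := 0.3048;

   --  The only way across the unit boundary is an explicit conversion.
   function To_Meters (F : Feet) return Meters is
   begin
      return Meters (Float (F) * Feet_To_Meters);
   end To_Meters;

   Altitude  : constant Meters := 1_200.0;
   Clearance : constant Feet   := 500.0;

   --  The "agree on a unit system" approach: a bare Float carries no
   --  unit, so the mixed sum below compiles and treats feet as meters.
   Bare_Altitude  : constant Float := 1_200.0;  --  meant as meters
   Bare_Clearance : constant Float := 500.0;    --  meant as feet
   Bare_Total     : constant Float := Bare_Altitude + Bare_Clearance;

   Total : Meters;
begin
   --  Total := Altitude + Clearance;
   --  The line above is rejected at compile time: there is no "+" that
   --  takes a Meters operand and a Feet operand.

   Total := Altitude + To_Meters (Clearance);

   Put_Line ("typed total (m):" & Meters'Image (Total));
   Put_Line ("bare total (?): " & Float'Image (Bare_Total));
end Units_Demo;
```

Uncommenting the mixed sum makes the compiler refuse the program, while the bare-Float version builds and runs with the wrong figure.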
