This repository has been archived on 2017-04-03. You can view files and clone it, but cannot push or open issues/pull-requests.
blog_post_tests/20100228182625.blog

14 lines
3.7 KiB
Plaintext

Plug for a worthy project: Softbound
<p>When I do my ESR-the-famous-geek road show, I get two kinds of questions: the public ones from my auduence, and the private ones from people who buttonhole me afterwards because they politely don&#8217;t want to burden the audience with their particular concerns. Of these, the single most common one is probably &#8220;How do I attract developers to my project?&#8221;</p>
<p>Last Wednesday I was giving a talk at University of Pennsylvania, which I do once in most years because it&#8217;s near me and one of the professors there, <a href="http://www.cis.upenn.edu/~matuszek/">Dr. David Matuszek</a>, is an old friend who likes to have me in once a year as a treat for his students. </p>
<p>One of his colleagues approached me with the familiar question. There isn&#8217;t a good general answer to this one, because how you attract developers depends in subtle and complicated ways on which developers you actually want. But this particular pitch interested me because it could be part of a significant change in the open-source tools infrastructure that I see coming down the pike.</p>
<p><span id="more-1767"></span></p>
<p>The Free Software Foundation&#8217;s Gnu Compiler Collection, and the toolkit around it (ld, gdb, etc.) pioneered open-source compiler technology and has served our community well for a quarter century. But it isn&#8217;t news to anyone that the GCC codebase has been getting old, tired, and sclerotic. The efforts required to fit new compiler technology onto an old framework have required increasingly heroic effort for diminishing returns. FSF policy decisions aimed at hindering reuse of its code by exclusively proprietary add-ons haven&#8217;t helped matters. </p>
<p>There&#8217;s been an upsurge of interest in alternatives to GCC as a workhorse compiler. An increasing amount of that interest has been focused on <a href="http://llvm.org/">LLVM</a>, and while the LLVM folks won&#8217;t talk about wanting to knock GCC off its perch, they are looking ever more like a competitive threat.</p>
<p>Now comes <a href="http://www.cis.upenn.edu/acg/softbound/">Softbound</a>, an LLVM add-on that aims to produce &#8220;hardened&#8221; binaries that are rendered immune to buffer overflows by a compile-time transformation of generated LLVM code. This could have very large implications for the quality and security of C code, <s>and it&#8217;s a capability GCC cannot offer.</s></p>
<p>The project lead, Dr. Milo Martin, tells me he has a proof-of-concept that is not ready for production use. He needs developers to move it from lab demo to production tool. He&#8217;d prefer to do the whole thing in open source, but is considering any path to getting it done, including booting up a company around a proprietary version. </p>
<p>He&#8217;s even proposed a clever tactic that is sure to be controversial: use the new compiler to create &#8220;value-added&#8221; binaries by compiling open-source programs to create &#8220;hardened&#8221; versions that protect against buffer overflow attacks. The compiler would remain closed source and the company would charge for the copyrighted binaries. I told Dr. Martin that I think this end-run of the GPL might actually work legally and technically, but that there&#8217;d be an open-source community mob with pitchforks and peasants at his castle door if he tried it.</p>
<p>So, here&#8217;s my attempt at heading off any such dire confrontation. If you&#8217;re interested in compiler technology, formal methods, or security, please look at Softbound and consider joining up to help so the technology won&#8217;t wither on the vine or have to be taken proprietary.</p>
<p>That is all.</p>
<p>UPDATE: Oops: I&#8217;ll investigate GCC&#8217;s capabilities for bounds-checking.</p>