Backdoor discovered in Ruby "strong password" library, takes your "strong passwords" and uploads them into a pastebin nakedsecurity.sophos.com/2019/

Hi, do you believe me when I say we need ocap security yet

@cwebber I think this problem could have been solved with a purely functional programming language. Although the compiler would need an option to disable any unsafe* functions (like the ones in haskell).

Side-effects are really dangerous, this proves it.

@jorge_jbs Even purely functional programs *do* get access to side effects though, because you need to do do anything useful. They do it through a monad.

The question is: who gets access to that monad?

You're right that functional programming can help, but it isn't that the language is functional itself that does it, it's that it supports higher-order functions and the ability to pass around references.

@cwebber If the library's interface doesn't return any monad (for example, isPasswordStrong has type String -> Bool) then there is no need to give access to any monad, everything is pure.

This library seems like a good fit for a pure library. If it needed some types of side-effects (but not all) you could return the FileAccess monad, or something similar.

All the code has access to all the monads. Executing them is another story.

@jorge_jbs You may be right that this is protecting the right behavior/safety. The way you described it, you can only perform side effects if you've explicitly been handed the reference, does sound like exactly the reference-based-ocap-security stuff I'm talking about. That approach isn't limited to purely functional languages, but you've correctly identified a purely functional way to do it.

Follow

@cwebber I don't know how ocap works, but yeah, it looks we're saying the same thing but implemented in different ways.

Sign in to participate in the conversation
mastodon.cloud

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!