I Blame The Agency

This week, everyone’s been upset with the NSA because of all the recent disclosures. So I thought I would share with you a story of something good that came from the NSA (well, at least most people think it is good). What prompted this story was a wonderful infographic on the history of programming languages. This great infographic shows the most popular languages, groups them by era (although it completely omits the 1960s and such wonderful languages as Algol 68 and my fave, PL/I). Below is the Infographic… and the story. [Credit: Infographic by Veracode Application Security]

If you look to the year 1987, you’ll see a youngish fellow in a Hawaiian shirt. That fellow is Larry Wall, and the language we’re talking about is the #10 language, perl. Yes, you have NSA to blame to perl.

Back in the mid-1980s, I was working for a little company in Santa Monica called System Development Corporation. Coworkers of mine were Larry, his brother-in-law Mark, and his other brother-in-law Jon. We were all working on this little program called BLACKER. The job of BLACKER was to build was is now called a VPN — basically, developing a way to layer one network on top of another (at different classifications). We were attempting to do this at a very high level of assurance — specifically, at the A1 level of the Trusted Computer Security Evaluation Criteria (TCSEC). Better known as the Orange Book, the TCSEC was developed by the NSA (the part that cares about computer security) to permit product evaluations, to encourage the introduction of security features, and to encourage the production of systems with greater confidence in those features. If you’ve heard of the Common Criteria, that’s a successor criteria to the TCSEC, and you’ll find aspects of the TCSEC in current security control catalogs such as NIST SP 800-53.

In an A1 system, there were many features and assurances required, such as Mandatory Access Control, Audit, Identification and Authentication, and Object Reuse. Assurance came from a very detailed design, formal methods, and control over that design from a technique called Configuration Management. I was one of the folks designing the operating system for one of the BLACKER components; Larry was our systems guy. Larry, Mark, and I were sharing an office; we were also carpooling together.

Larry was tasked with developing a Configuration Management system to support meeting A1. If you know Larry, you know he believes that the best programmers are lazy, impatient, and have excessive hubris. The CM system had to be able to support development at two locations (Santa Monica and Paoli), and produce CM reports. It had to allow people to review changes, and managers to approve them.

So what did Larry do? First, he decided to modify USENET News to handle the CM submissions. Having written rn, he worked up a version that supported synchronization of articles across the coasts and appending to an article. Now CM submissions could be posted to a local newsgroup, managers could review and approve the submissions. But how to produce reports? Awk (at the time) was not up to the task, as it couldn’t march through directories. The result: perl (originally to be named Pearl, after Larry’s wife Gloria, who is a pearl, but renamed perl and bacronymed to “Pathetically Eclectic Rubbish Lister”). Perl was developed to march through the CM directories and produce CM reports.

I was the first actual user of perl. I combined the use of perl and a menuing system I had worked on (Q-Menu) to drive our data dictionary. People could edit the nroff source of the data dictionary, and this would then be automatically extracted to form the include files used by the Pascal system that development was using. Single point documentation.

This, by the way, is why I’m perl’s paternal godparent, and Mark is perl’s maternal uncle. It is also why I wrote the history chapter in the original Camel book (and came up with the true footnote to history).

So, when people rag on the NSA, remember there are a bunch of people there who are working hard to ensure more secure computer systems for everyone, and that over 30 years ago, this work gave the world perl.

 

This entry was originally posted on Observations Along The Road (on cahighways.org) as this entry by cahwyguy. Although you can comment on DW, please make comments on original post at the Wordpress blog using the link below; you can sign in with your LJ, FB, or a myriad of other accounts. There are currently comments on the Wordpress blog. PS: If you see share buttons above, note that they do not work outside of the Wordpress blog.

(Click Here to Comment)