The Lazy Programmer's Guide to Secure Computing

GoogleTechTalks

Uploaded on Mar 19, 2010

Google Tech Talk
March 11, 2010

ABSTRACT

Presented by Marc Stiegler.

This presentation starts with a simple block of code written by the Lazy Programmer, to observe how laziness made the code more compact and simpler. We then define the Principle of Least Authority (POLA) and explain why it is a best practice for secure programming. We show how laziness in that first example enabled enforcement of POLA. We then put the Lazy Programmer through a series of increasingly difficult tasks as management attempts to make the Lazy Programmer work hard. To achieve maximum laziness, the Lazy Programmer is driven toward increasingly modular, encapsulating OO designs that happen to implement POLA, and is ultimately compelled to build systems with defense in depth to avoid work. A secret truth is thus revealed: lazy OO programmers have been using secure techniques for decades, if only they had known. We then describe the tools that turn laziness into correctly enforced security for JavaScript, Java, and distributed computing.

Marc Stiegler is a researcher at Hewlett-Packard Labs who has written "Introduction to Capability Based Security," and designed CapDesk and Polaris, a Windows overlay that isolates applications from one another to allow virus-safe computing.


Top Comments

  • naughttube

    He is a funny guy :) This video makes me want to perfect my laziness :)=

    · 8

  • jp3d2k

    "efficiency" is simply a euphemism douchebags use for their laziness ;-P

    · 4

    in reply to NPderive

All Comments (20)

  • Florin Jurcovici

    IMO, laziness is a quality every good programmer must have.

  • Lava Kafle

    wowowow great security laziness

  • gedq

    he may look sweet but you just know he's got a robot powered island full of minions somewhere just waiting to make his move. His lazy move.

  • 石村 耕平

    I think his talk is easy to understand and useful.

    Thanks for posting this informative video!

  • opaqueproductions235

    and what do you do for work...  you merit-less prawn.. It really is the freaks and mutants that save and create this shared world.. hope you enjoy your life in the customer service field loser..

    in reply to HDFuXoNiz
  • Alpha Male

    I am being serious! Excellent content and quality video...

    · 2

  • gbsons

    That guy you're calling nerd probably has a mansion three times the size of your house.

    in reply to HDFuXoNiz
  • James Donnelley

    Marc has considerable experience with Windows, but as you say not working on what is typically considered Windows 'security'. That is, not working on internal features of Windows to do permissions checking, authentication, etc. Instead he has focused most on changing the game of Windows security by working on the HP Polaris project that provided a POLA environment for execution of programs running under the Windows API,

  • strcmt

    awesome programming explanation!!!
