NaCl to give way to RockSalt
A team led by Harvard computer scientists, including two undergraduate students, has developed a new tool that could lead to increased security and enhanced performance for commonly used Web and mobile applications. Called RockSalt, the clever bit of code can verify that native computer programming languages comply with a particular security policy. Presented at the June ACM Conference on Programming Language Design and Implementation (PLDI) in Beijing, RockSalt was created by Greg Morrisett, Allen B. Cutting Professor of Computer Science at the Harvard School of Engineering and Applied Sciences (SEAS); two of Morrisett’s undergraduate students, Edward Gan ’13 and Joseph Tassarotti ’13; former postdoctoral fellow Jean-Baptiste Tristan (now at Oracle); and Gang Tan of Lehigh University. “When a user opens an external application, such as Gmail or Angry Birds, Web browsers such as Google Chrome typically run the program’s code in an intermediate and safer language such as JavaScript,” says Morrisett. “In many...