The Changing Landscape of Programming Technology

1
The Changing Landscape of Programming Technology

• Karl Lieberherr
• Northeastern University

2
Swiss connection

• PhD from ETH Zurich Pascal, Modula, Oberon
  (Wirth)
• Sabbatical 2000 with UBS Zurich
• Sabbatical 2006 with Novartis
• Collaborations with ABB and Mettler-Toledo
• One Swiss PhD
• Yearly summer vacation in Switzerland

3
How I came to Boston

• 1983 GTE in Waltham, now Verizon
• 1985 tenured full professor at Northeastern
• I like it here!

4
Goal

• We want reliable and secure software.
• No technical vulnerabilities.
• Not enough social vulnerabilities are also very
  important in the age of the web.

5
Outline

• Program Organization
• Crosscutting Concerns
• Law of Demeter
• Programming Team Organization
• Extreme Programming
• Security
• Social Phishing
• SAT solvers

6
Software bugs

• Excel 2007 multiplication bug September 2007
• 850 77.1 should be 65535 but displays as 100000.

7
Program Organization

• cross-cutting concerns
• the tyranny of the primary decomposition
• organize software into modules
• group functionality that lives in several modules

8
Law of Demeter

• Organization principle for objects
• talk only to your friends
• each object talks only to a limited number of
  other objects
• avoids information overload for the programmer
• from Northeastern
• Leads to objects that are easier to change

9
Extreme Programming

• Planning around User Stories
• Small Releases of Functionality
• Simple Design
• build what is asked for, no design for the future
• Continuous testing

10
Extreme Programming

• Pair Programming
• Collective Product (Code) Ownership
• Design, Coding Standards
• Continuous integration
• On-site Customer Representative

11
SAT Solvers

• a fundamental topic in computer science
• express your wishes
• computer satisfies as many as possible
• used for software and hardware verification
• based on learning from mistakes
  (non-chronological backtracking)
• can solve systems with over 100000 parameters
  (variables)

12
Social Phishing

• friendly email message tempts recipients to
  reveal more online than they otherwise would.
• impersonating a trustworthy entity

13
class project at Johns Hopkins

• find publicly available information from social
  networks MySpace, Facebook, LinkedIn.
• how can a phisher exploit social network data?
  very easily and effectively
• over four times as likely to become a victim if
  they are solicited by someone appearing to be a
  known acquaintance

14
Observations

• 77 females, 65 males
• But trick males by sending them a spoofed message
  appearing to come from a female (68 if message
  from female versus 53 if from another male)
• somewhat reassuringly computer science students
  were the least vulnerable

15
Observations observed reactions after debriefing
message

• Anger
• significant social cost to victims
• Denial
• we find it difficult to admit our own
  vulnerability many successful phishing attacks
  go unreported

16
Conclusions

• Still a very exciting time in computer and
  information science.
• Computer science students have excellent job
  prospects, despite outsourcing.