|
|
|
|
|
|
by nickpsecurity
3361 days ago
|
|
|
Although you're joking, Perl was invented to make an NSA project easier to develop. That project was first, high-assurance VPN: BLACKER. It was also NSA's attempt to do something secure for once since they lost the argument to INFOSEC co-founder, Roger Schell, where they thought only communications security, not computer security, mattered. They contracted it to TRW who made a lot of secure stuff & government systems in general back then. Larry Walls was a smart, properly-lazy programmer working at TRW who wanted to make irritating parts of his job easier with better tools. The resulting tool, PERL, had much more impact than BLACKER VPN. ;) Whereas, the NSA's project failed initially because the team couldn't design a security kernel that had great security and acceptable performance. Told NSA they'd have to pick one. Schell told NSA he knew a guy with a design, GEMSOS, with both properties. NSA reluctantly used GEMSOS in BLACKER. The first, highly-secure VPN w/ general-purpose kernel was born. Who knows what the deployment or usability side of it was, though. Classification rules kept them from publishing on it for a decade or so where it then got paywalled. Classification is probably why Larry Walls didn't say much about BLACKER when describing its history. At least ones I read. http://ieeexplore.ieee.org/document/213253/?arnumber=213253 http://www.cse.psu.edu/~trj1/cse443-s12/docs/ch6.pdf |
|
|
A few points of note: it's rather weird to call BLACKER a "VPN"; it's likely much broader than this (it's a network, crypto suite, secure kernel, system architecture, etc), and yet encompasses a very different goal. In fact, the degree to which it originates out of secure kernel research is, we argue in our paper, somewhat unclear, and perhaps this is only a small part of the equation.
If anyone has any additional information about these early architectures, I would love to speak with you, contact me at http://iqdupont.com.