Flight to San Jose
I also had to discuss a little of what I’ve been up to since arriving at UCI, to the rest of my adviser‘s group. It looks like I’ll be working on information flow in SpiderMonkey. More on that topic will have to wait until I’ve assembled my thoughts. For now I’m hesitating about which of the two most prominent approaches: (1)Make extensions to the language, like JFlow, or (2) deal with generic security policies at the bytecode level. Alternatively, I could try to generalize data tainting to a full fledged type system, orthogonal to the existing type system. I’d kinda like to see if allowing the programmer to extend the type system in this way would have any benefits for software engineering, or if the added complexity would be too burdensome.