Microsoft's Joe Duffy and team have been (quietly) working on a new programming language, based on C# (for productivity, safety), but leveraging C++ features (for performance). I think it's fair to say - and agree with Joe - that a nirvana for a modern general purpose language would be one that satisfies high productivity (ease of use, intuitive, high level) AND guaranteed (type)safety AND high execution performance. As Joe outlines in his blog post (not video!):
At a high level, I classify the language features into six primary categories:
1) Lifetime understanding. C++ has RAII, deterministic destruction, and efficient allocation of objects. C# and Java both coax developers into relying too heavily on the GC heap, and offers only “loose” support for deterministic destruction via IDisposable. Part of what my team does is regularly convert C# programs to this new language, and it’s not uncommon for us to encounter 30-50% time spent in GC. For servers, this kills throughput; for clients, it degrades the experience, by injecting latency into the interaction. We’ve stolen a page from C++ — in areas like rvalue references, move semantics, destruction, references / borrowing — and yet retained the necessary elements of safety, and merged them with ideas from functional languages. This allows us to aggressively stack allocate objects, deterministically destruct, and more.
2) Side-effects understanding. This is the evolution of what we published in OOPSLA 2012, giving you elements of C++ const (but again with safety), along with first class immutability and isolation.
3) Async programming at scale. The community has been ’round and ’round on this one, namely whether to use continuation-passing or lightweight blocking coroutines. This includes C# but also pretty much every other language on the planet. The key innovation here is a composable type-system that is agnostic to the execution model, and can map efficiently to either one. It would be arrogant to claim we’ve got the one right way to expose this stuff, but having experience with many other approaches, I love where we landed.
4) Type-safe systems programming. It’s commonly claimed that with type-safety comes an inherent loss of performance. It is true that bounds checking is non-negotiable, and that we prefer overflow checking by default. It’s surprising what a good optimizing compiler can do here, versus JIT compiling. (And one only needs to casually audit some recent security bulletins to see why these features have merit.) Other areas include allowing you to do more without allocating. Like having lambda-based APIs that can be called with zero allocations (rather than the usual two: one for the delegate, one for the display). And being able to easily carve out sub-arrays and sub-strings without allocating.
5) Modern error model. This is another one that the community disagrees about. We have picked what I believe to be the sweet spot: contracts everywhere (preconditions, postconditions, invariants, assertions, etc), fail-fast as the default policy, exceptions for the rare dynamic failure (parsing, I/O, etc), and typed exceptions only when you absolutely need rich exceptions. All integrated into the type system in a 1st class way, so that you get all the proper subtyping behavior necessary to make it safe and sound.
6) Modern frameworks. This is a catch-all bucket that covers things like async LINQ, improved enumerator support that competes with C++ iterators in performance and doesn’t demand double-interface dispatch to extract elements, etc. To be entirely honest, this is the area we have the biggest list of “designed but not yet implemented features”, spanning things like void-as-a-1st-class-type, non-null types, traits, 1st class effect typing, and more. I expect us to have a few of these in our mid-2014 checkpoint, but not all of them.
What do you think?
The Internet is a surveillance state. An extensive and automatic interception of our communications has almost completely taken away our ability to carry out private conversations. We are constantly tracked and analyzed, and this is a direct threat to our liberties, such as freedom of speech. In fact, it’s a violation of our human rights.
One of the main problems is that we are putting our trust in companies. As Snowden has shown, company surveillance is part of state surveillance (since companies are required to secretly turn over all their data upon government requests). Because of this, we simply cannot put our trust in third parties service providers. Our software must run locally, as opposed to in “the cloud”. And yes, the web is broken too.
As we don’t want to put our trust in other entities, we will need to be able to verify and build the software we use ourselves; this means free software. Furthermore, we need to provide an extensible platform, so that developers can provide a wide range of uncentralized services on top of our system. Since users need to find each other, and since we need an extendable routing service, the Pontarius project decided to use XMPP, and took part in the development of Pontarius XMPP.
Additionally, end-to-end security is absolutely crucial; we have to assume that we have an extremely capable adversery, with lots of resources, and a capability and willingness to perform active and automated attacks to try to break our security. I have experimented with making some modifications to the Off-the-Record protocol in the Yabasta protocol in order to provide these features in a simple protocol. I have identified the following security properties: Confidentiality, integrity, replay protection, authentication, anonymity (measures for public-key protection), identity verifications, deniability, and perfect forward secrecy. I also made a prototype application to, among other things, test the usability of such an application.
During the next year, the Pontarius project is going to build upon these efforts and create a free, easy-to-use, and integrated, software package. We will target the free operating systems. While we will design our front-end on top of GNOME, we will provide D-BUS bindings so that other free desktop environments can interface with our services as well. Initially, we will provide instant messaging capabilities similar to those Off-the-Record clients. The goal, however, is to develop many different applications and services. These applications could work with calendars, documents, application stores, and much more.
Please contact me if you want to know more, or if you’re interested in joining the project.