Sub-Turing Machines: The End of Unknown Unknowns: How to apply LangSec principles to everything you see

Presented at ToorCamp 2018, June 22, 2018, 11 a.m. (50 minutes)

LangSec, or language-theoretic security, has very little to do with the language in which you write your software and everything to do with how that software deals with its input and output. Let's talk about how to apply it to a few real-world problems, including TLS certificates, document formats, and even hardware design!

Falcon talks about LangSec and also about Shadytel's new phone switch - designed from the ground up on LangSec principles of sub-Turing operation. The talk will start by clearing up some common misconceptions about language-theoretic security, such as the idea that it requires you to write your programs in specially designed languages. Then we'll get into some actual designs - talking about LangSec's primary use as a design methodology for interchange formats, and considering some LangSec rules to add to JSON and even XML to make them safer. We'll discuss some of the bugs that could never have existed, and why they could never have existed.
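As an added example (not code from the talk, from Shadytel, or from any LangSec project), here is one concrete way to state such rules for JSON: a recognizer that either accepts a message in full or rejects it before any application code sees it. The bounds on message size, nesting depth and integer width, and the sample inputs, are assumptions chosen for illustration; the goal is that the set of accepted inputs is a small, explicitly bounded language rather than "whatever json.loads happens to tolerate".

```python
"""Recognizer for a restricted JSON dialect (constructed example).

LangSec rule in code: recognise the whole input against a bounded
grammar first, then hand the result to the application, never the
other way round.
"""
import json
import math

MAX_BYTES = 64 * 1024   # assumed hard bound on message size
MAX_DEPTH = 8           # assumed hard bound on array/object nesting
INT_BITS = 64           # integers must fit a signed 64-bit word


class RecognitionError(ValueError):
    """The input is not a sentence of the restricted dialect."""


def _nesting_depth(text: str) -> int:
    """Maximum bracket depth, skipping string contents and escapes.

    Runs before json.loads so that deeply nested input is rejected by
    a linear scan instead of exhausting the parser's recursion limit.
    """
    depth = max_depth = 0
    in_string = escaped = False
    for ch in text:
        if in_string:
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
        elif ch == '"':
            in_string = True
        elif ch in "[{":
            depth += 1
            max_depth = max(max_depth, depth)
        elif ch in "]}":
            depth -= 1
    return max_depth


def _pairs_hook(pairs):
    """Reject duplicate keys instead of silently keeping the last one."""
    obj = {}
    for key, value in pairs:
        if key in obj:
            raise RecognitionError(f"duplicate key {key!r}")
        obj[key] = value
    return obj


def _parse_int(token: str) -> int:
    value = int(token)
    if not -(1 << (INT_BITS - 1)) <= value < (1 << (INT_BITS - 1)):
        raise RecognitionError(f"integer out of range: {token}")
    return value


def _parse_float(token: str) -> float:
    value = float(token)
    if not math.isfinite(value):          # e.g. 1e400 overflows to inf
        raise RecognitionError(f"non-finite number: {token}")
    return value


def _parse_constant(token: str):
    # json.loads would otherwise accept NaN, Infinity and -Infinity.
    raise RecognitionError(f"non-standard constant {token}")


def recognize(raw: bytes):
    """Return the decoded value iff raw is a sentence of the dialect."""
    if len(raw) > MAX_BYTES:
        raise RecognitionError("message too long")
    try:
        text = raw.decode("utf-8", errors="strict")
    except UnicodeDecodeError as exc:
        raise RecognitionError("invalid UTF-8") from exc
    if _nesting_depth(text) > MAX_DEPTH:
        raise RecognitionError("nesting too deep")
    try:
        return json.loads(text, object_pairs_hook=_pairs_hook,
                          parse_int=_parse_int, parse_float=_parse_float,
                          parse_constant=_parse_constant)
    except json.JSONDecodeError as exc:   # syntax errors and trailing data
        raise RecognitionError(str(exc)) from exc


def accepts(raw: bytes) -> bool:
    """Convenience wrapper: True if recognize() accepts, False otherwise."""
    try:
        recognize(raw)
    except RecognitionError:
        return False
    return True


if __name__ == "__main__":
    # Constructed inputs, one valid and several that stock json.loads
    # would either accept or handle in an application-specific way.
    for sample in (b'{"id": 7, "tags": ["a", "b"]}',
                   b'{"a": 1, "a": 2}', b'{"n": NaN}', b'{"n": 1e400}',
                   b"[" * 20 + b"]" * 20, b'{"a": 1} trailing'):
        print(sample, "->", "accept" if accepts(sample) else "reject")
```

The pre-scan for depth is deliberately separate from the parse: a recogniser should fail on a resource bound with a cheap, linear check rather than by catching whatever exception the full parser raises when it runs out of stack.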

But then, we'll get into the reasons why this methodology can only be applied with care and a full understanding of what is going on. We'll consider emergent complexity, using Shadytel's awkward gear designs as an example of how LangSec isn't going to save us from having to threat model or from having to consider formal properties like closure under composition.


Presenters:

  • Falcon Darkstar Momot
    Falcon is a managing security consultant at Leviathan Security Group. He works on many different problems, from platform security up to organizational security policy. On the side, he's a LangSec researcher, still working on an M.Sc. at Athabasca University, and of course a principal of Shadytel.
