Is it more secure to program a client-server system in a language other than English?
Technically slightly, yes. But:
- It would be security by obscurity, which is a bad idea
- It does not boost confidence in your product
- It would be very easy to figure out what does what, it would only take a bit of time
- Google Translate, you can just use meaningless names, it would still not help much
- It would make maintenance harder
- It would make audits very hard, as the auditors may not understand the language
All things considered, it is probably never worth it.
It would not be appreciably more secure. Reverse engineers are often forced to work with systems that do not have any original names intact (production software often strips symbol names), so they get used to dealing with names that have been generated by a computer. An example, taken from Wikipedia, of a snippet of the kind of decompiled C code that is often seen:
struct T1 *ebx;
struct T1 {
int v0004;
int v0008;
int v000C;
};
ebx->v000C -= ebx->v0004 + ebx->v0008;
People who are used to working with this kind of representation are not fooled by the usage of variables and such that are given irrelevant names. This is not specific to compiled code, and the use of C was just an example. Reverse engineers in general are used to understanding code that is not intuitive. It doesn't matter if you are using JavaScript, or Java, or C. It does not even matter if they are analyzing nothing but the communication with the API itself. Reverse engineers are not going to be fooled by the use of random or irrelevant variable or function names.
Not really - all of the built-in functions will still be in English, so it wouldn't take much extra effort to work out what your variables are going to represent. It might slow someone down slightly, but given that people still manage to reverse-engineer code with single character variables all over the place, or which has been run through obfuscators, swapping the language used for variables and functions just means doing a find-replace once you've worked out what one of your variables is used for, then repeating until you have enough understanding.