The Case for Rust (in the base system)

"A new State of Rust survey shows that developers would prefer to see compiler bugs fixed and performance improved rather than new language features added, however, their biggest fear is excessive language complexity."

Excessive language complexity? Oh dear. Second-system syndrome?
Excessive language complexity? 🤣 It's exactly what scared me away from C++ in the first place.

But even then, I'm seeing new languages pop up and become "The hot new thing that everybody should know about" just about every year, and they all seem to be doing that one little thing slightly different than everyone else. That pattern is not that different from Linux distros (one-dev-show forking Ubuntu into an entirely separate distro project just to run a customized version of Budgie by default).
 
For the curious: FIREBAT T8 Pro Plus Mini PC Intel Celeron N5095 N100 Desktop Gaming Computer 8GB 16GB 256GB 512GB DDR4 DDR5 WIFI5 BT4.2
There are lots of different badges of these, that was just the first one that came up. If you search for "N100 16GB/512GB mini PC" on AliExpress it finds pages of them. They're all remarkably cheap. There are AMD variants too. The damn thing can drive three (!) 4K monitors. I mean... I guess that's what you can do when you can put 10s of billions of transistors on a SoC chip. Of course the really clever part is being able to mass-produce those chips in high volumes and at low cost. If it's retailing, with shipping, from Shenzhen at $100-$150, then what on earth is the BOM? Granted the case and PSU costs are going to be comparatively very low, but this must be some kind of record for the price of a brand new PC compatible computer. It even comes with Win 11 (bah).
 

Did anyone stop to consider that I/O in current OSes is inherently going through unsafe code even in "safe" languages?

And where is the JavaScript bashing? Might be memory safe but everything else is unsafe.
 
If the common IO base is the only point in the system where you have to worry about if the code is correct, that seems like a small enough surface area to be manageable.
 
If the common IO base is the only point in the system where you have to worry about if the code is correct, that seems like a small enough surface area to be manageable.

Well, that is the theory behind Rust. Concentrate the unsafe code in specific, isolated places - so that you can give it extra attention with more review, other policies and other people.

But I/O small - I dunno. Some of the worst security holes have been in programs that are very I/O intensive. Imagine doing constant bit fiddling on a socket to talk a detailed binary protocol. Or implementing ASN.1.

Or think of machine learning and how much of it is Python code feeding a C kernel that is doing the math. Not a small part.
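
Added illustration of the two points in the post above (not code from any poster or project): a parser for a hypothetical type/length/value wire format in which the only `unsafe` sits in one small function behind a checked wrapper, so a hostile length field yields an error rather than an out-of-bounds read. The format, the names and the sample bytes are all constructed for this example.

```rust
// Hypothetical TLV format: 1-byte type, 2-byte big-endian length, then value.

#[derive(Debug, PartialEq)]
pub enum ParseError {
    Truncated { need: usize, have: usize },
}

/// The one `unsafe` spot to review.
/// SAFETY contract: the caller guarantees off + 2 <= buf.len().
unsafe fn read_u16_be_unchecked(buf: &[u8], off: usize) -> u16 {
    unsafe {
        let p = buf.as_ptr().add(off);
        u16::from_be_bytes([*p, *p.add(1)])
    }
}

/// Safe wrapper: establishes the invariant before entering the unsafe code.
fn read_u16_be(buf: &[u8], off: usize) -> Result<u16, ParseError> {
    let have = buf.len();
    let need = off.checked_add(2).ok_or(ParseError::Truncated { need: usize::MAX, have })?;
    if need > have {
        return Err(ParseError::Truncated { need, have });
    }
    // SAFETY: off + 2 <= buf.len() was checked just above.
    Ok(unsafe { read_u16_be_unchecked(buf, off) })
}

/// Parser written entirely in safe Rust on top of the wrapper.
pub fn parse_tlvs(mut buf: &[u8]) -> Result<Vec<(u8, &[u8])>, ParseError> {
    let mut out = Vec::new();
    while !buf.is_empty() {
        let typ = buf[0];
        let len = read_u16_be(buf, 1)? as usize;
        let end = 3 + len; // len <= 65535, cannot overflow usize
        let val = buf.get(3..end).ok_or(ParseError::Truncated { need: end, have: buf.len() })?;
        out.push((typ, val));
        buf = &buf[end..];
    }
    Ok(out)
}

fn main() {
    // Constructed input: two well-formed records, then a record whose
    // length field (0xFFFF) claims far more data than was received.
    let good = [0x01, 0x00, 0x02, 0xAA, 0xBB, 0x02, 0x00, 0x00];
    let bad = [0x01, 0xFF, 0xFF, 0xAA];
    println!("{:?}", parse_tlvs(&good));
    println!("{:?}", parse_tlvs(&bad));
}
```
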
 
Maybe I'm stupid here, but you get the memory from the system call as a chunk of memory-managed memory, noodle around, then send it something back in another memory-managed block. Maybe it's the same block, who cares, it's managed?
 

Summary article on this here with a video talk from the US national cyber director. If they are going to mandate Rust for federal projects then it's going to be big-time. It does look like there is a very big push going on behind the scenes to get it adopted. Torvalds accepting Rust into the Linux kernel is one case in point.

Maybe the feds have been sold the line that Rust is going to save them from things like this: https://www.theregister.com/2024/02/23/lockbit_extorted_billions_of_dollars/ . Or save them in the event of a cyber-war. Personally I think they've just created a very big headache for themselves.

"As Microsoft discovered years ago, as many as 70 percent of security vulnerabilities identified in software developed using memory-unsafe languages stem from memory safety concerns. This remains true even after thorough code reviews and additional preventive and detection measures, as the company further found."

Strewth blue! If MS says that, we'd better adopt it ... after all, they're the real experts... aren't they? I mean, just look how good their software is...
 

It seems the NSA have said "make it so", last December. Maybe I wasn't so far wrong thinking that they are looking at this to protect them from a coming cyber-war. The report is signed by all the 5-eyes - US, UK, NZ, AUS and CAN.

"Programming languages such as C and C++ are examples of memory unsafe programming languages that can lead to memory unsafe code and are still among the most widely used languages today. In attempts to mitigate the dangers of memory unsafe code in C and C++, many software manufacturers invest in training programs for their developers." Do they? Since when?

Is this the end of the road for C, then? Just when you thought you were going to have to start learning Haskell and Clojure, too... nope, it's RUST.
 

These two ex-manager tech journo hacks.. sorry, I meant to say "world renowned top programmers" at consumer reports clearly know what they're talking about.

"Moving code from C to Rust (or any other language pair) is fundamentally hard because
a machine does not understand the code the way a skilled programmer does. Relying on
a skilled programmer to migrate code to a memory-safe language is too costly."

Don't worry, they're working on that right now... co-gpt-pilot-bard-chatbot version 10 coming up real soon now...
 
And from 2011, we have "safe-C"... who knew?
To be fair, just use Emscripten (C,C++ -> WebAssembly/JS compiler) and run the output binary via the node.js VM.
This is very feasible for network servers and pretty much ensures it is memory safe (even safer than native Rust).

Bindings are a pain when done this way but they are with any non-C related language too.

Basically the Rust developers are spending their time lobbying the "White House" to do their advertising for them rather than making their language actually feasible. Classic Rust "talkers". Very much par for the course.
 