WebProNews

Tag: Rust

  • Google Will Support Rust in Chromium

    Google Will Support Rust in Chromium

    Google expanding its use of the Rust programming language, adding support for it in its Chromium web browser.

    Rust has been gaining steam as a programming language, thank in large part to the memory features and security it provides. Rust has already begun making its way into the Linux kernel, and Google has seen benefits from its inclusion in Android. Similarly, even the NSA has been recommending the use of Rust, and other memory-safe languages.

    Google is now adding Rust support to Chromium, hoping to benefit in the same way it has with Android, as the company outlines in a blog post.

    Our goal in bringing Rust into Chromium is to provide a simpler (no IPC) and safer (less complex C++ overall, no memory safety bugs in a sandbox either) way to satisfy the rule of two, in order to speed up development (less code to write, less design docs, less security review) and improve the security (increasing the number of lines of code without memory safety bugs, decreasing the bug density of code) of Chrome. And we believe that we can use third-party Rust libraries to work toward this goal.

    Google makes the point that Rust was originally developed specifically for web browser development, making it fitting to use it in Chromium.

    Rust was developed by Mozilla specifically for use in writing a browser, so it’s very fitting that Chromium would finally begin to rely on this technology too. Thank you Mozilla for your huge contribution to the systems software industry. Rust has been an incredible proof that we should be able to expect a language to provide safety while also being performant.

    Users interested in the technical details of how Google plans to integrate Rust can read more here.

  • Linux Kernel 6.1 Is Out With Rust Support

    Linux Kernel 6.1 Is Out With Rust Support

    Linux Torvalds has pushed out version 6.1 of the Linux kernel, with initial Rust support being one of the headline features.

    Linux kernel development has been done exclusively in C until now. The addition of Rust could open new doors, making it easier for other developers to contribute to the open source project.

    More importantly, Rust includes a number of memory safety features that are significant improvements over previous languages. This can lead to apps that are more secure, with even the NSA pushing for the adoption of Rust and similar languages.

    According to LWN.net, version 6.1 includes LLVM improvements, as well as a slew of memory improvements.

  • Rust Is Paying Off in Android, Cutting Memory Safety Vulnerabilities

    Rust Is Paying Off in Android, Cutting Memory Safety Vulnerabilities

    Google’s decision to include Rust support in the Android Open Source Project (AOSP) is paying off with less vulnerabilities.

    Rust is a relatively new programming language, one that places an emphasis on memory safety, security, and performance. Google made the decision to support Rust in Android in early 2021, a decision that is already paying off.

    According to 9to5Google, Google says there has been a considerable drop in the number of memory safety vulnerabilities, going from 223 in 2019 to 85 in 2022. Such vulnerabilities now comprise just 35% of known vulnerabilities in Android, as opposed to 76% four years ago. As a result, Google says “2022 is the first year where memory safety vulnerabilities do not represent a majority of Android’s vulnerabilities.”

    Rust has been gaining traction because of its memory safety features. The NSA recently advocated for the use of Rust and similar languages in an effort to cut down on software vulnerabilities. Similarly, the language has been added to the Linux kernel, making it only the second language supported, behind C.

  • Rust, Kotlin, Java, and Python See Huge Growth

    Rust, Kotlin, Java, and Python See Huge Growth

    SlashData has released its 23rd State of the Developer Nation report, and it’s good news for Rust, Kotlin, Java, and Python.

    SlashData researchers looked at the state of the software development industry and found that several languages are experiencing near-meteoric rises in adoption. The survey included some 26,000 developers in 163 countries.

    The report found that some old stalwarts continue to rise in popularity. For example, Java’s community of developers has nearly doubled in the last two years, from 8.3 million to 16.5 million. This was nearly double the overall growth of the global developer community.

    Similarly, Python now has nearly 17 million developers in its community, 8 million of them being added in the last two years. Python has benefited from the growing importance of artificial intelligence (AI) and machine learning (ML), with 63% of ML developers and data scientists relying on the language.

    Despite Java and Python’s impressive growth, Rust and Kotlin are the real winners, with both languages seeing a major uptick.

    Rust’s developer community has more than tripled in two years, going from 0.8 million to 2.8 million. The language’s popularity is largely due to the performance, memory safety, and security that it offers, even being one of the languages the NSA recommends, along with Java.

    Kotlin is likewise experiencing major growth, thanks to being an official language for Android development, one that Google now prefers. As a result, Kotlin’s developer base has more than doubled in the last two years, from 2.3 million to 6.1 million.

    SlashData’s report shows just how much the software development community is changing as a result of various trends, such as AI, ML, the need for memory safe computing, and more.

  • The NSA Pushes for Adoption of Memory Safe Coding Languages

    The NSA Pushes for Adoption of Memory Safe Coding Languages

    The National Security Agency (NSA) is pushing for the adoption of memory safe coding languages in an effort to improve security.

    Software memory issues constitute one of the biggest sources of vulnerabilities for bad actors to exploit. Older, more established programming languages often lack automated means of managing memory, putting additional burdens on programmers to ensure no memory errors creep in.

    “How a software program manages memory is core to preventing many vulnerabilities and ensuring a program is robust,” writes the NSA in its Cybersecurity Information Sheet. “Exploiting poor or careless memory management can allow a malicious cyber actor to perform nefarious acts, such as crashing the program at will or changing the instructions of the executing program to do whatever the actor desires. Even un-exploitable issues with memory management can result in incorrect program results, degradation of the program’s performance over time, or seemingly random program crashes.”

    The NSA is now pushing for the adoption of languages that offer better memory management features, so-called “memory safe languages.” Memory safe languages include C#, Go, Java®, Ruby™, Rust®, and Swift.

    “Using a memory safe language can help prevent programmers from introducing certain types of memory-related issues,” the NSA adds. “Memory is managed automatically as part of the computer language; it does not rely on the programmer adding code to implement memory protections. The language institutes automatic protections using a combination of compile time and runtime checks. These inherent language features protect the programmer from introducing memory management mistakes unintentionally. Examples of memory safe languages include C#, Go, Java, Ruby, Rust, and Swift.”

    Rust, in particular, has gained publicity and adoption for being a memory safe language. Rust has been making its way into the Linux kernel and was chosen by System76, makers of the popular Pop!_OS Linux distro, to create their new COSMIC desktop environment.

  • Rust Could Be Included in the Linux Kernel in 5.20

    Rust Could Be Included in the Linux Kernel in 5.20

    Linux creator Linus Torvalds has said Rust could be included in the Linux kernel as soon as 5.20.

    Rust is a popular programming language created by Graydon Hoare while he worked at Mozilla, with the organization sponsoring the effort. According to Phoronix, Torvalds has said Rust could be merged into the Linux kernel in 5.2.0.

    The Linux kernel is currently written largely in the C programming language. Torvalds and other contributors played around with adding support for C++ some years ago before abandoning the effort.

    See also: Timeshift Backup Tool Finds New Home at Linux Mint

    Adding support for Rust would represent one of the biggest changes to the kernel in its history and would open the door for a number of significant improvements. Specifically, Rust was designed with safety and security in mind from the beginning. Rust has improved tools for memory management, built-in concurrency, and provides ownership and security paradigms. Its performance and low overhead also give it an advantage over many other languages.

    These various advantages have all helped add impetus to Rust becoming the second language for developing the Linux kernel, with even Google throwing its weight behind it.

    “We feel that Rust is now ready to join C as a practical language for implementing the kernel,” the company writes in its Security Blog. “It can help us reduce the number of potential bugs and security vulnerabilities in privileged code while playing nicely with the core kernel and preserving its performance characteristics.”

    With Rust support in the kernel now in sight, Linux users should start seeing the benefits sooner rather than later.

  • Google Using Rust for Low-Level Android Development

    Google is now using Rust for low-level development of the Android Open Source Project (AOSP).

    Kotlin and Java are the primary languages used for creating Android applications, but C and C++ are still used for the core of the operating system (OS). Google is hoping to use the advantages Rust provides by allowing its use in the low-level OS.

    Rust is very similar to C and C++, having many of the same keywords and commands. Like C, Rust also has no garbage collection, making it ideal for integration with C code. What Rust does have, however, is memory safety in the form of ownership.

    Rust provides memory safety guarantees by using a combination of compile-time checks to enforce object lifetime/ownership and runtime checks to ensure that memory accesses are valid. This safety is achieved while providing equivalent performance to C and C++.

    These features make Rust an ideal option for use in the underlying OS. Google has no plans to rewrite the entire Android code base, a task that would be prohibitive. Instead, the company plans on using Rust primarily for new code, where the majority of memory bugs exist.

    Analysis of the age of memory safety bugs in Android (measured from when they were first introduced) demonstrates why our memory-safe language efforts are best focused on new development and not on rewriting mature C/C++ code. Most of our memory bugs occur in new or recently modified code, with about 50% being less than a year old.

    Google’s announcement is good news for the Rust programming language, as well as for Android users.

  • Microsoft Building Team of Rust Developers

    Microsoft Building Team of Rust Developers

    Microsoft is building a team of Rust developers, both for internal work and collaboration with the community.

    Rust is a relatively new programming language. Syntactically, it’s similar to C++, but is designed to offer better safety, especially in how it handles memory management and concurrency. The language was originally created by a developer at Mozilla, with the organization taking a leading role in its development. Much of Mozilla’s Rust team was laid off in 2020, amid the 250 employees let go.

    Since then, some of the biggest names in tech have been snapping up the Rust developers that were laid off. Microsoft is the latest, posting a job listing for a Rust Principle Software Engineer.

    The job listing makes it clear the engineer will work on internal systems, as well as collaborating with the Rust open source community. The engineer will be part of a newly formed team within the company.

    In this role you’ll work closely with product groups around Microsoft to gather requirements and develop tooling improvements for Rust. You’ll join a newly formed team with a vision to support Rust at Microsoft while also collaborating and sharing those improvements with the broader Rust OSS community.

    You’ll be working along with some of the most talented engineers in Microsoft on important internal systems programming workloads.

    Microsoft and other big companies’ support is good news, both for the Rust language, as well as for the developers laid off by Mozilla.

  • Mozilla, Samsung Working Together On New Web Browser Engine

    Mozilla, Samsung Working Together On New Web Browser Engine

    The modern Web browser is most likely powered by one of three engines – WebKit, Trident or Gecko. The latter is currently developed by Mozilla, and is used in its popular Firefox Web browser. One Web browser engine is apparently not enough for the non-profit, though, as it’s now working on another.

    Mozilla and Samsung jointly announced today that they have begun work on an advanced Web browser engine called Servo. The engine will be built in Rust, a new programming language in development at Mozilla that the non-profit hopes will “fill many of the same niches that C++ has over the past decades.”

    A new Web browser engine is already pretty big news, but that’s only half of the story. Mozilla and Samsung are also bringing Rust and Servo to Android and ARM devices. It seems its both parties’ intention to make a next generation Web browser engine for mobile devices that “can fully utilize the performance of tomorrow’s massively parallel hardware to enable new and richer experiences on the Web.”

    At the moment, there isn’t much to show for Servo, but Mozilla says it’s now putting more resources into the project to prove that it can “build a fast Web browser with pervasive parallelism, and in a safe, fun language.” At the same time, the non-profit will also be working on completing the first major revision of the Rust language.

    Like most Mozilla projects, the non-profit is inviting the community to help them develop Rust and Servo. If you would like nothing more to poke and prod untested code, you can grab the source code for Rust and Servo at their respective GitHub repositories.