Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Friday September 23 2022, @11:35PM   Printer-friendly
from the leaks-are-for-kids dept.

Arthur T Knackerbracket has processed the following story:

Mark Russinovich, the chief technology office (CTO) of Microsoft Azure, says developers should avoid using C or C++ programming languages in new projects and instead use Rust because of security and reliability concerns.

Rust, which hit version 1.0 in 2020 and was born at Mozilla, is now being used within the Android Open Source Project (AOSP), at Meta, at Amazon Web Services, at Microsoft for parts of Windows and Azure, in the Linux kernel, and in many other places. 

Engineers value its "memory safety guarantees", which reduce the need to manually manage a program's memory and, in turn, cut the risk of memory-related security flaws burdening big projects written in "memory unsafe" C or C++, which includes Chrome, Android, the Linux kernel, and Windows. 

Microsoft drove home this point in 2019 after revealing 70% of its patches in the past 12 years were fixes for memory safety bugs due largely to Windows being written mostly in C and C++. Google's Chrome team weighed in with its own findings in 2020, revealing that 70% of all serious security bugs in the Chrome codebase were memory management and safety bugs. It's written mostly in C++.     

"Unless something odd happens, it [Rust] will make it into 6.1," wrote Torvalds, seemingly ending a long-running debate over Rust becoming a second language to C for the Linux kernel. 

The Azure CTO's only qualifier about using Rust is that it was preferable over C and C+ for new projects that require a non-garbage-collected (GC) language. GC engines handle memory management. Google's Go is a garbage-collection language, while the Rust project promotes that Rust is not. AWS engineers like Rust over Go because of the efficiencies it offers without GC.

"Speaking of languages, it's time to halt starting any new projects in C/C++ and use Rust for those scenarios where a non-GC language is required. For the sake of security and reliability. the industry should declare those languages as deprecated," Russinovich wrote. 

Rust is a promising replacement for C and C++, particularly for systems-level programming, infrastructure projects, embedded software development, and more – but not everywhere and not in all projects.  

[...] Rust shouldn't be viewed as a silver bullet for all the bad habits developers practice when coding in C or C++. 

Bob Rudis, a cybersecurity researcher for GreyNoise Intelligence, who was formerly with Rapid7, noted developers can carry across the same bad security habits to Rust.

"As others have said, you can write "safely" in C or C++, but it's much harder, no matter what dialect you use than it is in Rust. Mind you, you can still foul up security in Rust, but it does avoid a lot of old memory problems."


Original Submission

 
This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Informative) by maxwell demon on Saturday September 24 2022, @05:31AM (9 children)

    by maxwell demon (1608) on Saturday September 24 2022, @05:31AM (#1273336) Journal

    That tool turns simple, readable C code into unreadable mess.

    --
    The Tao of math: The numbers you can count are not the real numbers.
    Starting Score:    1  point
    Moderation   +2  
       Insightful=1, Informative=1, Total=2
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 2) by RS3 on Saturday September 24 2022, @07:03AM (5 children)

    by RS3 (6367) on Saturday September 24 2022, @07:03AM (#1273344)

    Hmm. I wonder what it does with messy unreadable input.

    Can it be fixed? Or are there any better code translators out there?

    • (Score: 4, Insightful) by KritonK on Saturday September 24 2022, @08:18AM (1 child)

      by KritonK (465) on Saturday September 24 2022, @08:18AM (#1273347)

      I don't know Rust, but the translated code seems to be written in some sort of C compatibility mode that should not be used when programming in Rust. I'm sure that proper Rust integers are not declared as "libc::c_int", Rust arrays are declared as such and not accessed à la C via pointers, and that "unsafe" keyword probably means that the translated Rust code is just as (un)safe as the original C code.

      The compiled code is probably identical to the compiled C code, so that it can be directly callable from C. If so, this means that the translated code combines the disadvantages of Rust with the disadvantages of C! Still, in the far distant future, when C compilers are no longer available, the translator will be a way to maintain legacy C code.

      • (Score: 5, Insightful) by maxwell demon on Saturday September 24 2022, @01:13PM

        by maxwell demon (1608) on Saturday September 24 2022, @01:13PM (#1273376) Journal

        Still, in the far distant future, when C compilers are no longer available, the translator will be a way to maintain legacy C code.

        Given that there are still COBOL compilers available today, I suspect by the time C compilers are no longer available, Rust will be utterly outdated as well.

        --
        The Tao of math: The numbers you can count are not the real numbers.
    • (Score: 2, Insightful) by Anonymous Coward on Saturday September 24 2022, @01:19PM

      by Anonymous Coward on Saturday September 24 2022, @01:19PM (#1273377)

      Hmm. I wonder what it does with messy unreadable input.

      That's where perl comes from...

    • (Score: 1, Touché) by Anonymous Coward on Sunday September 25 2022, @07:55PM (1 child)

      by Anonymous Coward on Sunday September 25 2022, @07:55PM (#1273609)

      I'll never understand why every language needs to fucking change the for-loop syntax. Just leave it. Do something actually useful.

      • (Score: 2) by DannyB on Monday September 26 2022, @03:29PM

        by DannyB (5839) Subscriber Badge on Monday September 26 2022, @03:29PM (#1273722) Journal

        Clojure does away with the for loop. You just use recursion instead. Yes, really.

        --
        People today are educated enough to repeat what they are taught but not to question what they are taught.
  • (Score: 3, Funny) by Thexalon on Saturday September 24 2022, @10:37AM

    by Thexalon (636) on Saturday September 24 2022, @10:37AM (#1273357)

    So perfect for the International Obfuscated Rust Code Contest? I mean, if that's going to be the language of the future, let's have fun with it!

    --
    The only thing that stops a bad guy with a compiler is a good guy with a compiler.
  • (Score: 2) by turgid on Saturday September 24 2022, @05:48PM (1 child)

    by turgid (4318) Subscriber Badge on Saturday September 24 2022, @05:48PM (#1273439) Journal

    f2c turns an unreadable FORTRAN mess into an unreadable C nightmare. So there.

    • (Score: 1, Interesting) by Anonymous Coward on Sunday September 25 2022, @07:57PM

      by Anonymous Coward on Sunday September 25 2022, @07:57PM (#1273612)

      Then there's f2c2rust, put it through google translate, and back again. Compile, ship.