Slashdot Mirror


Mozilla Will Fund Code Audits For Open Source Software (helpnetsecurity.com)

Reader Orome1 writes: The Mozilla Foundation has set up the Secure Open Source (SOS) Fund, whose aim is to help open source software projects rid their code of vulnerabilities. Projects that want Mozilla's help must be open source/free software and must be actively maintained, but they have a much better probability of being chosen if their software is commonly used and is vital to the continued functioning of the Internet or the Web. Three open source projects -- PCRE, libjpeg-turbo, and phpMyAdmin -- have already gone through the process, and the result was the removal of 43 vulnerabilities (including one critical).

19 of 39 comments

  1. Obligatory by Merk42 · · Score: 1, Funny

    I didn't read the article. This is bad because it's Mozilla.
    Mozilla, much like Microsoft, can do no right, even when they do the exact opposite of the thing we called them out on before.

    1. Re:Obligatory by bluefoxlucid · · Score: 1

      Well they *are* responsible for Firefox.

    2. Re:Obligatory by bondsbw · · Score: 1

      Well Firefox *is* the browser that started the demise of IE.

      --
      All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
    3. Re:Obligatory by bluefoxlucid · · Score: 1

      Firefox has become the tyrant it has replaced.

    4. Re:Obligatory by Anonymous Coward · · Score: 1

      Firefox has become the tyrant it has replaced.

      Really?

      Let me guess... you prefer Chrome?

      Because Google hasn't shown any monopolistic, anti-competitive or embrace-extend-extinguish tactics at all in recent years, have they?

    5. Re:Obligatory by bondsbw · · Score: 1

      Even if it were as bad as IE 6 (which it isn't), it now has competition. If you don't like it, you can choose from several other browsers that will likely work just as well.

      And we have Firefox to thank for doing the hard thing and standing up to Goliath.

      --
      All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
  2. Real Link by Anonymous Coward · · Score: 5, Informative

    Mozilla announcement: https://blog.mozilla.org/blog/2016/06/09/help-make-open-source-secure/

  3. Stop Focusing On Security! by Anonymous Coward · · Score: 1

    There are more important things, like making sure my 301 tabs left open for two months straight with a dozen extensions and plugins run in less than 1GB memory!!!

    Blah blah version bloat blah memory leak blah blah!

  4. Mozilla SJW-ism by Anonymous Coward · · Score: 2, Informative

    Mozilla? The same company that just threw away $15k to remove the term "slave" from documentation?

    I wonder what kind of damage their "audits" will do to these projects.

    1. Re:Mozilla SJW-ism by NotInHere · · Score: 1

      Damn shit. This is the most SJW thing Mozilla has ever done; I thought kicking out Brendan Eich was already bad enough.

  5. Re:Mozilla's critics were once its biggest support by NotInHere · · Score: 2

    Tell me how Rust is a failure. Have you even coded a single line in Rust?

  6. Considering other news today, they should by kheldan · · Score: 1

    Considering that Microsoft's own compiler is inserting spyware into people's code by default, I'd say this is a smart move on the part of Mozilla.

    Oh and by the way are you all going to get on the prosecute-Microsoft-bandwagon, now? Because now they're violating anti-hacking laws by inserting unwanted and malicious spyware into other people's software.

    --
    Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
  7. Not for UX design I hope by sciengin · · Score: 1

    As long as they don't fund audits for proper UX designs, I can live with that.

  8. Re:Mozilla's critics were once its biggest support by DidgetMaster · · Score: 1

    Is it a question of money? Lots of Open Source projects start out being what users want because the original developers were also its users. They had an itch to scratch so they built something that solved their problem. But once the developers moved on or got bored with it, the only ones interested in developing it were guys who wanted to make money off it somehow. All the new features concentrate around monetizing the program instead of making life easier for those who get it for free.

  9. Re:Mozilla's critics were once its biggest support by Raenex · · Score: 1

    The only implementation of Rust is very buggy (over 2,000 open bugs right now!), despite it being written in Rust, which is a language that's supposed to make it harder to write buggier code!

    It removes a class of bugs that are common in C and C++ that are the #1 cause of security bugs in those languages (and also cause weird behavior that can be hard to track down due to random corruption).

    Any program of significant complexity is going to have bugs. There is no silver bullet. That doesn't mean the improvement Rust brings isn't worthwhile.

    Rust's supposed benefits are typically no better than what you get when using C++11 or C++14, and modern C++ techniques.

    Can you point to a notable open source C++ program, then, that follows these techniques?

  10. Re:Mozilla's critics were once its biggest support by NotInHere · · Score: 1

    Here we go again...

    - Rust is essentially a proprietary language, even if the source code is available.

    I'd guess you say this because there is no standards committee for Rust? Well yeah, maybe that makes it "proprietary", but that isn't something bad. Linux has a dictator as well, just like many other projects. In the context of programming languages, at least Go, Java and Swift are "proprietary but open source" as well.

    The great thing about open source is that if upstream fucks up, people create a fork. Think of LibreOffice for example.

    - There is only one implementation of Rust. You're fucked if there's a problem with it. You can't use an alternative compiler, even temporarily, because none exist!

    Does Go have an alternative compiler? Does Swift have one? This is standard for younger programming languages.

    - The only implementation of Rust is very buggy (over 2,000 open bugs right now! [github.com]), despite it being written in Rust, which is a language that's supposed to make it harder to write buggier code!

    This incredibly weird and wrong argument has been posted by ACs on slashdot for some months now. I'll just put this link here: https://news.slashdot.org/comm...

    In fact, it's a bad sign for Rust to have "only" 2k open bugs; more successful projects have even more bugs in their trackers than Rust.

    - The "safety" Rust promises is only as good as the compiler that implements it, which as we can see from the over 2,000 open bugs is very questionable!

    The major security benefits added by Rust are thanks to things people coding e.g. in C have to do themselves, like free()-ing stuff.
    As with self driving cars, this added automation only needs to be better than human in order to be the better alternative, not perfect. And I'm sure Rust is inside that range.

    - Rust isn't as portable as C++ and many other languages.

    Most common targets are already supported: https://github.com/rust-lang-n...

    You can't write an operating system in Go, but you can do it in Rust. In fact there is even a project writing one.

    - Rust's syntax is mediocre, and in some cases it's worse than C++.

    This is about taste. I like Rust syntax. If you don't like it, it's your problem.

    - Rust's ownership semantics are inconvenient to use and difficult for many typical programmers to understand, even compared to C++'s RAII.

    There is a high entry barrier, yes. But I think for people who are generally not accustomed to lower level languages like C/C++ it's easier to not have to worry about stuff like allocation, and to have the compiler say "this is wrong" if there is a problem, instead of stuff compiling but then failing horrendously, or doing stuff like memory leaks or even race conditions, which only show up as a problem in a fraction of the cases.

    - Rust lacks proper class OO.

      That's true. I can avoid it; for me it's not a problem.

    - Rust lacks proper exceptions.

    I consider this a feature. Exceptions are one of the major sources of bugs in C++. It's much better to have the Result type, where you can recover from errors much faster. Recovering from errors is faster in Rust than in C++!

    - Rust's standard library is inadequate and incomplete.

    The standard library of C++ is far more inadequate and incomplete than Rust's. I am missing many functions I have available in Rust when writing C++.

    Some nice stuff is marked unstable but you can use the nightly compiler if you want to use it.

    - Rust's supposed benefits are typically no better than what

  11. Re:Mozilla's critics were once its biggest support by Raenex · · Score: 1

    So do Perl, Ruby, Python, Java, C#, PHP, Tcl, Lua, Erlang, Go, Swift, Haskell, OCaml, JavaScript, and numerous other languages with garbage collection or other forms of automatic memory management. So Rust is nothing special.

    But Rust is special, because it was designed to be used without garbage collection. Garbage collection isn't free and this is one of the main reasons that C/C++ is still used today.

    At least you're admitting there's nothing special about Rust. That's more than most of its supporters are smart enough to do. Most of them just keep on insisting it's "safer", despite the Rust implementation itself being bogged down with bugs.

    You clearly have a problem with reading comprehension. It is safer with the class of bugs I mentioned, the #1 source of security bugs and memory corruption bugs that waste a lot of time tracking down.

    The newer parts of many C++ projects are written using these techniques. Some examples you may have heard of are LLVM (funny, Rust's implementation uses this!), Boost, and Qt.

    Oh, so you won't get problems like this:

    "This was precisely the root cause of the memory problem: MDNodeFwdDecl's constructor always tried to construct its ReplaceableMetadataImpl parent past the end of its allocated memory buffer, because its own operator new was not properly overloaded. Sometimes there are no visible side-effects because of this, and things seem to work. However, Valgrind always flags it."

  12. Re:Mozilla's critics were once its biggest support by Raenex · · Score: 1

    It uses ownership. It's not anything that can't be done in C++, but the difference in the compiler enforces it.
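The two mechanisms argued about above (comment 10 on the compiler handling what C programmers do by hand, such as free(), and on Result instead of exceptions; comment 12 on compiler-enforced ownership) are shown below in a small, self-contained Rust program. This is an added example written for this page; it is not code from any commenter, from Mozilla, or from the Rust project. The key=value config format, the `Record`/`ParseError` types and the sample input are all constructed for illustration.

```rust
// Added example (not from the page): ownership moves and Result-based
// error handling in Rust. Works on stable Rust 1.52+ (uses str::split_once).
use std::collections::HashMap;

/// One parsed `key = value` line. The struct *owns* its two Strings: when a
/// Record is dropped, both buffers are freed exactly once, with no manual free().
#[derive(Debug, Clone, PartialEq)]
pub struct Record {
    pub key: String,
    pub value: String,
}

/// Errors are ordinary values, returned in a Result rather than thrown.
/// The caller must handle or propagate them; there is no hidden unwinding path.
#[derive(Debug, PartialEq)]
pub enum ParseError {
    MissingSeparator { line: usize },
    EmptyKey { line: usize },
}

/// Parse `key = value` lines; blank lines and `#` comments are skipped.
/// Line numbers in errors are 1-based, as an operator would expect.
pub fn parse_records(input: &str) -> Result<Vec<Record>, ParseError> {
    let mut records = Vec::new();
    for (idx, raw) in input.lines().enumerate() {
        let line = raw.trim();
        if line.is_empty() || line.starts_with('#') {
            continue;
        }
        // `?` returns the error to the caller immediately; no exception machinery.
        let (key, value) = line
            .split_once('=')
            .ok_or(ParseError::MissingSeparator { line: idx + 1 })?;
        let key = key.trim();
        if key.is_empty() {
            return Err(ParseError::EmptyKey { line: idx + 1 });
        }
        records.push(Record { key: key.to_string(), value: value.trim().to_string() });
    }
    Ok(records)
}

/// Takes the Vec *by value*: ownership of every Record moves in here, the
/// Strings are moved into the map, and the Vec's backing buffer is freed
/// when this function returns. The caller cannot touch the Vec afterwards.
pub fn into_map(records: Vec<Record>) -> HashMap<String, String> {
    records.into_iter().map(|r| (r.key, r.value)).collect()
}

/// The returned &str is tied to the map's lifetime `'a`: the compiler rejects
/// any attempt to keep it alive after the map is dropped (no dangling pointer).
pub fn lookup<'a>(map: &'a HashMap<String, String>, key: &str) -> Option<&'a str> {
    map.get(key).map(String::as_str)
}

/// Full pipeline. The commented-out line is what "the compiler enforces it"
/// means in practice: using `records` after it was moved does not compile.
pub fn load_config(text: &str) -> Result<HashMap<String, String>, ParseError> {
    let records = parse_records(text)?;
    let map = into_map(records); // `records` is moved here
    // let n = records.len(); // error[E0382]: borrow of moved value: `records`
    Ok(map)
}

/// Constructed sample input for this example (not taken from the page).
pub const SAMPLE: &str = "\
# constructed sample config
listen = 127.0.0.1:8443
tls_min = 1.2
workers=4
";

fn main() {
    match load_config(SAMPLE) {
        Ok(map) => println!("listen = {:?}", lookup(&map, "listen")),
        Err(e) => eprintln!("config error: {:?}", e),
    }
    // Error path: a line without '=' is reported, not silently ignored.
    println!("{:?}", parse_records("listen 8443"));
}
```

The point of `into_map` taking `Vec<Record>` by value rather than by reference is that the move is visible in the signature: the C equivalent is a function that frees its argument, where nothing stops the caller from using the pointer again. The `lookup` lifetime annotation is the other half of the same guarantee for borrowed data.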

  13. This is amazing news by ThatsNotPudding · · Score: 1

    Mozilla has money!