Slashdot Mirror
Mozilla Binds Firefox's Fate To The Rust Language (infoworld.com)
An anonymous reader quotes InfoWorld:
After version 53, Firefox will require Rust to compile successfully, due to the presence of Firefox components built with the language. But this decision may restrict the number of platforms that Firefox can be ported to -- for now... Rust depends on LLVM, which has dependencies of its own -- and all of them would need to be supported on the target platform. A discussion on the Bugzilla tracker for Firefox raises many of these points...
What about proper support for Linux distributions with long-term support, where the tools available on the distro are often frozen, and where newer Rust features might not be available? What about support for Firefox on "non-tier-1" platforms, which make up a smaller share of Firefox users? Mozilla's stance is that in the long run, the pain of transition will be worth it. "The advantage of using Rust is too great," according to maintainer Ted Mielczarek. "We normally don't go out of our way to make life harder for people maintaining Firefox ports, but in this case we can't let lesser-used platforms restrict us from using Rust in Firefox."
InfoWorld points out most Firefox users won't be affected, adding that those who are should "marshal efforts to build out whatever platforms need Rust support." Since most users just want Mozilla to deliver a fast and feature-competitive browser, the article concludes that "The pressure's on not only to move to Rust, but to prove the move was worth it."
What about proper support for Linux distributions with long-term support, where the tools available on the distro are often frozen, and where newer Rust features might not be available? What about support for Firefox on "non-tier-1" platforms, which make up a smaller share of Firefox users? Mozilla's stance is that in the long run, the pain of transition will be worth it. "The advantage of using Rust is too great," according to maintainer Ted Mielczarek. "We normally don't go out of our way to make life harder for people maintaining Firefox ports, but in this case we can't let lesser-used platforms restrict us from using Rust in Firefox."
InfoWorld points out most Firefox users won't be affected, adding that those who are should "marshal efforts to build out whatever platforms need Rust support." Since most users just want Mozilla to deliver a fast and feature-competitive browser, the article concludes that "The pressure's on not only to move to Rust, but to prove the move was worth it."
What's with all these other languages lately?
R.I.P. Firefox. It was fun while it lasted.
And why aren't they using Swift which is the de-facto best choice for next generation systems languages? There's probably two or three orders of magnitude more developers using Swift in a production capacity on a daily basis than the entire "rust" ecosystem combined many times over.
Is this is yet another example of the Mozilla organization putting bullshit liberal politics above technical know how and meritocracy? Is it any wonder why they have become largely irrelevant?
so many bad decisions. RIP.
A browser nobody uses written in a language nobody uses.
Firefox will require Rust to compile successfully
Rust depends on LLVM
Ok, so we can't compile Firefox on lesser-end androids targeting a megacluser of PICs. But apart from that, what's the fuss?
Without knowing anything about it, I'd guess 99,999% of the times Firefox is compiled, it is compiled on x86-64. And a dependency on LLVM won't bump that to 100%.
Should I have read TFA in order to understand TFS?
No other modern language is capable of safety and is low level enough. I saw one comment here asking why no swift, well for starters it has no concurrency or parallelism primitives which are a necessity for a systems language. Certainly for whatever language you want to write a browser in...
Arguably most comments here so far are by people who don't know how to actually program at a professional level, which explains the stupidity within them. Bloat ware? How the fuck so because they modified their tool chain to use Rust? Gimme a fucking break. RIP Mozilla? Hardly. This will allow them to eventually write a safer and more correct browser.
Rust is a mighty good language. To ignore it completely is something to be left for idiots. Do you still write COBOL or Basic?
C/C++ have major issues in the modern world that are nearly impossible to fix at the language level. Both can be used well if you use only a small subset of language features. Rust homes to fix this and from what I've done with it-- is fixing it.
Thank you for dragging your feet on the LLVM thing and complaining about it instead, you stalwart defenders of the OSS world, you. After all, your niche architecture is only worth that much, not doing the actual leg-work to drag it into the future.
Courage is not removing the headphone jack. Courage is switching to a new systems language because the existing one, while good, just doesn't allow them to reach th quality level they want.
SJW n. One who posts facts.
I said it before, Mozilla needs to be a basic browser that is written in standardized C++ and not use any Brogrammer languages like Rust. Keep to the basics and keep supporting Windows XP and old Linux distros as that is where most of your dedicated users come from. Slashdot users need to get together and force Mozilla to stop Chromifying everything.
Oh yeah, C and C++.
It's too early. Rust isn't ready.
I've played around with it, and it has some interesting properties and ideas that I like.
But the tools are still too unstable. Language and library features change from one compiler version to the next.
And compilation is slow as shit.
Try compiling a simple hello world with Rust or GCC. The difference is staggering. (at least it was about 6 months ago)
This might now matter for a hello world, but a codebase the size of firefox?
Or are they going to use rust to compile only 1% of the code, in which case they are complicating their build for no reason.
lololol hahaha
is basically a wholly owned subsidiary of Mozilla. This whole thing smacks of eating your own dog food. As long as their support for the big 3 (Windows, OSX, Linux) isn't impacted I suppose it won't matter much. But if it even means waiting a bit for patches on Ubuntu or Red Hat then expect Chromium to eat what's left of their lunch.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Given the quality of our comments recently, here is a good presentation with some actual information on their work currently and going forwards: Servo Architecture: Safety and Performance.
rust in peace
mother fuckers
Seamonkey and Thunderbird ported to Palemoon, then a 6 month focused effort by the internet community sorting out the crapfest of C++ interfaces in gecko and plugging all the holes.
Why does the incompetent bozo CEO still have a job?
The company is swirling the drain and in a couple more years it will be flushed.
So many stupid things: 1) monthly releases, 2) loss of user customization, 3) "features" nobody wants (pocket, sync, extension signing, etc), and 4) spyware "telemetry"
One day they will use Mozilla as an example in business classes in college of how to run a company down the toilet.
Someone who has truly mastered their craft may perfection 99% of the time. Or not - Tom Brady completes 64% of his passes.
Suppose the Firefox programmers were the most competent human beings to ever walk the earth, and got it right 99.99% of the time. With 14 million lines of code, they would have 14,000 flaws.
On the other hand, if the Rust string handling functions don't permit buffer overflows, they don't permit buffer overflows - ever. You can't write a buffer overflow in a language that doesn't use buffers. Not only will there not *be* such errors, but you can *prove* there are no such errors, you can trust it.
I don't have any opinion on Rust specifically, good or bad. I'm sure it has tradeoffs. The idea that you shouldn't use reliable tools because humans should just be perfect os silly.
I'm sorry, I was a firefox user for a decade+plus. I fiqured they would be my gateway to the world wide web, and the internet company responsible for my activities on the web. Everything seemed fine. Then I tried chromium.
Firefox is a slow, bloated, piece of crap.
"What about proper support for Linux distributions with long-term support, where the tools available on the distro are often frozen, and where newer Rust features might not be available?"
Actually, I would say that this is up to the distros. If the distro wants to ship a new Firefox then it obviously isn't completely frozen, so the distro would have to first package Rust and then use it to build the next Firefox update.
You've forgotten about the existence of iteration. Your assumption is they only have one chance ever to write a piece of code, and that it is never reviewed by another coder, or even the original coder after it's been written. You assume the code is never refactored, or passed through static check tools or other forms of analysis.
All those moments will be lost in time, like tears in rain.
The idea that you shouldn't use reliable tools because humans should just be perfect is silly.
I'm not advocating that at all, but Rust will have flaws (and limitations) too. It's a trade off, maybe a good one. But saying we need to Rust because "human's haven't got the brains to write secure code" (from the original post) is dumb. And, sure, Rust may "improve the situation by enforcing things that humans get wrong", but people can learn to get those things right too so it's not the only option. Good tools can be helpful, but they almost always come with a price. In this case, more limited distribution. If that's a price Mozilla is willing to pay (and it seems they are) so be it. Note: They seem willing to pay (give up) a bunch of stuff to pursue whatever their long-term goals are.
It must have been something you assimilated. . . .
That bizarre cathedral guy, Eric Raymond, is busy cleaning up NTP for security and recently evaluated Rust as a possible language for a complete re-write and found it deficient. His blog posts on that:
"Rust vs. Go"
Rust severely disappoints me
"Rust and the limits of swarm design"
Ceci n'est pas une signature.
"We normally don't go out of our way to make life harder for people maintaining Firefox ports--just plugins!"
What in the holy hell is this madness? Not supporting linux because it requires a bunch if programming dependencies? Fucking what?
~ $ eix -Ic dev-lang/ | wc -l
16
I have 16 programming languages installed right now, Rust would make it 17. Whoopdedingdongdoo.
I have powered through using Netscape/Firefox for a long time now and use it as my main browser. But if they make linux a second class citizen, well, I'm out. And before you say "muh privacy" I'll be moving to https://github.com/Eloston/ungoogled-chromium/releases
Extension signing is actually necessary to improve security, just like binary signing on every consumer system these days. Telemetry can be a very useful resource for devs, and being open source means that people can know exactly what is being sent to Mozilla ; also, it's possible to disable it completely.
Agreed with the rest.
And you imply that when code is revised, flaws are always removed and never added?
What about proper support for Linux distributions with long-term support, where the tools available on the distro are often frozen, and where newer Rust features might not be available?
For a really "L" TS distro like Debian it shouldn't be an issue because the vast majority of deployments are server instances, not desktops. For less "L" TS distros like Ubuntu, they are not so old (e.g. the current 16.04 LTS Ubuntu is much newer than Debian Jessie), and there is always the possibility to just add a custom archive to deal with it. In fact if you install Opera or Vivaldi from the official .deb's they distrubute, that's exactly what they do: They set up their own PPA.
At this point, Firefox is on a downward spiral down to 11% of the market. The only reason it is still around is because it was the browser that replaced IE which isn't really saying much. Also, it is the browser used for Tor. The only way Firefox will make a comeback is if Google Chrome pisses everybody off which it may.
Why would anyone name a programming language "Rust"?
Someone who has truly mastered their craft may perfection 99% of the time.
May what perfection?
systemd is Roko's Basilisk.
Sounds like its only used for COMPILING, not runtime.
So wtf, is the point of rust? I am sure perl would work equally as well.
Liberty freedom are no1, not dicks in suits.
> "human's haven't got the brains to write secure code" (from the original post) is dumb.
A posteriori, they don't. We tried that and in my database I have 90,000 examples of their failure to do so.
Yeah, so how many wankers use a 45meg library to read a 1kb XML config file, when you could have just made a simpler ascii format and wrote the code your self. Or your lazy coders who use sqllite for tiny configs, as you cant code for shit to store csv config files.
No wonder 2gb android with quadcores runs so shit compared to a 500mhz windowsXp box from year 2001.
Liberty freedom are no1, not dicks in suits.
Firefox is open source, are you volunteering to examine the 14 million lines, to find the 14,000+, so they can be iterated out?
Yes, that perfection indeed.
Yeah, so how many wankers use a 45meg library to read a 1kb XML config file, when you could have just made a simpler ascii format and wrote the code your self. Or your lazy coders who use sqllite for tiny configs, as you cant code for shit to store csv config files.
No wonder 2gb android with quadcores runs so shit compared to a 500mhz windowsXp box from year 2001.
Meh, coding a basic XML parser isn't that hard. I've done it, and it was fast, though in hindsight I should have just somehow got my company to approve a stock one, though it might have taken weeks to months, so it may have been a toss up. I was still using a schema verifier which came with another package, just not its xml parser which was crap. FWIW, you can probably load XML these days at 100MB/s or faster if you really want to go crazy and play the optimization game. I might have to go back and do that with an upcoming project, but probably not. C#s parser is pretty good.
Would I possibly include a library to read a 1kb XML file these days? Probably. It is usually better to code expecting growth, and it is just less code to debug. The main thing is not the number of DLLs you have floating around, but rather how hard is it for the end user to get going, and to get new versions going. (You're presumably not spending much time debugging stable versions of libraries.)
Another variation that seems more and more worthwhile these days is just using an sqlite database. This is particularly true if your end user has no need to edit any data. Of course that would be kinda ridiculous for a 1kb file, but I'd still argue that XML is not overkill, since it allows for growth and structure, and from what I've seen just the benefits of having decent schema checking alone make it worth it...
Why use computers in first place? An abacus is good enough for calculations and doesn't need all that newfangled electricity.
"It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
First, 45MB library to parse XML is a stupid false (I really wanted to say "stupid fucking") argument. I personally hate XML but it's trivially easy to use at this point.
Second, who the fuck cares is it WAS 45MB (which it wasn't) on the server side if it solves a generic problem like parsing all XML.
Third, what's that "ASCII format"? You want to define your own format, then? And that's somehow more maintainable than XML?
And addendum - I don't think Sqlite is needed for most projects, but I have used it and if it is, it's a really small library that uses a tiny (and appropriate) amount of RAM and storage.
When oh when will the Mo$illacrap dictators up in their high castles stop wasting so much time and resources on
1) Spending HOURS designing & mulling over new logos
2) writing HUNDREDS of lines of javascript for features nobody wants
3) Maintainting a slow, leaky, outdated old Nut$scrape codebase that is not based on fresh, new KDE Konqueror codebase from 1990s like everyone else
. and when oh when will they realise that what's really needed is a new, secure multi-threaded / multi-process browser.
Oh wait.
By "basic" you probably mean "works for the few xml features we actually use". But free and reliable parsers are available , why would you waste your time writing your own?
Every single line of code is a potential flaw? What type of work do you do exactly? I know it's not programming.
I wouldn't trust Rust. It's written by those same error prone programmers who haven't got the brains to write secure code. How many lines of code is in the Rust compiler & library. How much of that must be flawed? That'll get passed on to every program that uses it. We need to stop using buggy software written by mentally deficient programmers to write security critical software. It's the only way to be sure.
I leave some shit on there as backups, like isos, or
docs.
But since its reached its limit, i rarely use it any more, now that google gives away 100gb+ if you buy some phone models.
Liberty freedom are no1, not dicks in suits.
No-one, apart from maybe Dan Bernstein, is good enough to reliably write bug-free code. The hubris that says "I am!" is the core reason why we have such enormous security problems.
> How many lines of code is in the Rust compiler & library. How much of that must be flawed? That'll get passed on to every program that uses it.
No, that's not how it works.
A bug in the compiler only matters if it was triggered during the build that produced your binary *and* the build succeeds *and* the results pass your test suite. Unless your code is quite unlike anyone else's code, you will hit this a lot less than bugs in your own code.
A bug in Rust's standard library can affect a lot of programs, but much of Rust's standard library is written in safe Rust so gets the same safety guarantees as regular Rust code. And of course the standard library gets a lot more testing and inspection than your own Rust program.
The bigger picture is that formal verification technology is advancing so that in time, we'll be able to verify that a build worked correctly (i.e. the generated code preserves the safety properties of the Rust code), and we'll be able to write proofs for most of the unsafe parts of the Rust standard library that they also preserve safety properties.
5) rewriting existing codebase with some kitchen sink programming language nobody outside of their own company uses.
Are they doing these stupidities just to keep their employers busy? Or are they really trying to drive away their users and now also the open source developers, as Rust is equally popular language as Basic v2.0.
You can't write a buffer overflow in a language that doesn't use buffers. Not only will there not *be* such errors, but you can *prove* there are no such errors, you can trust it.
That's a very naive way of thinking. The language may not support buffers, but the implementation sure as hell will.
This is like those (JavaScript, Flash, Google NaCl, etc) security sandboxes that are supposedly "proven" to contain any VM instructions running inside, but in practice the sandbox implementation turns out to have implementation flaws that are exploitable from within the sandbox.
Yes, it may improve code quality, and reduce the number of exploits. But blindly trusting that the language will keep you safe security-wise, is a sure way to get pwned.
Since we have the word "regression" no, I am not implying that. I am stating that when reviewed there is a decent chance of errors being found and that code will tend towards less errors in the absence of new features. It's unreasonable to expect that code refactors will never add new bugs, but it is perfectly reasonable to assume that they will trend towards less bugs.
All those moments will be lost in time, like tears in rain.
This presumes something that they shouldn't. You can't get RUST to be perfect, even if you make it "enforce the rules"- it's a fallacy and a folly to be brutally blunt. It's another abject fail in a space they've been trying to find "answers" and failing over and over again for DECADES now.
Rust isnt the only language with this feature, Perl has had it for much longer, along with tools like Tainting.
Oh shit, you called him DAN Bernstein! He's going to be so pissed if he sees that. You didn't call him DOCTOR DANIEL J Bernstein, PhD. Prepare for the wrath of his almighty ego if he sees that!
I've worked with DJB alot in IETF and I think I most IETF members agree the unusual things about DJB are his ego and his contrarianism. Always doing the opposite of well-established best practices doesn't make him smarter than everyone else, it just means he re-invents all the same mistakes that most of us learned to avoid 30 years ago.
Yep, that 's what I'm talking about.
"It is no measure of health to be well adjusted to a profoundly sick society." - Jiddu Krishnamurti
This is a massive and dangerous disease within open source circles - deep layers of dependecies. One package depends on three others, each of which has a dozen dependencies, each of which has a bunch of dependencies, each if which has more depedencies, etc.
If you did not write your code, then you do not understand your code and your code is not trustworthy nor maintainable.
Sticking together a hundred other bits of code written by people you do not know and applying the coding equivalent of chewing gum, bailing wire, and duct tape is not programming at all - it's on-par with being a script kiddie, and when some prject your "program" is dependent upon goes away you may be left unable to fix/maintain the thing you have pretended was your program.
This sort of garbage programming did not generally exist before the internet. Now lazy people think nothing of using enormous piles of code they know nothing about but were able to find with a quick googling and insert into critical applications - and we have all sorts of buggy code and code with huge security problems.
Who doesn't like a good tool on traint
Firefox is kind of dying for a lot of reasons. Why not use it as a guinea pig?
This can be a great reality check for Rust. Find and fix the flaws in the language by trying to use it for something real and something big. There's a chance that a better language and a better browser will both emerge from this in parallel.
That's all very well and good, and I credit Mr. Raymond for his accomplishments, but I'm afraid that he has a sufficiently bad reputation for making crazy statements that I am unwilling to take his opinion on any matter, That may not be fair to him as a technical expert, but he has earned distrust for his far-too-numerous non-technical opinions and general batshit craziness. It's not my job necessarily to issue proclamations for the groupthink here, but I am pretty sure that I'm not alone in feeling like this, and I suggest that you might want to put in some sort of explicit disclaimer or endorsement, to the effect that, "this is one of the times when ESR is actually worth listening to." It's a shame to have to say something like this. There are things he has written, however, that are crazy enough that I wish I could unread them. I am of course merely offering this suggestion on the basis that you might not be aware of his reputation.
Those who advocate genocide deserve every protection afforded by law, and none afforded by common human decency.