Tor Browser Will Feature More Rust Code

An anonymous reader writes: "The Tor Browser, a heavily modified version of the Firefox browser with many privacy-enhancing features, will include more code written in the Rust programming language," reports BleepingComputer. In a meeting held last week in Amsterdam, Tor developers decided to slowly start using Rust to replace the C++ code. The decision comes after Mozilla started shipping Rust components with Firefox in 2016. Furthermore, Rust is a memory-safe(r) language than C++, the language used for Firefox and the customized Tor code, which means less memory corruption errors. Less of these errors means better privacy for all.
"Part of our interest in using safer languages like Rust in Tor is because a tiny mistake in C could have real consequences for real people," Tor developer Isis Agora Lovecruft posted on Twitter, adding "Also the barrier to entry for contributing to large OSS projects written in C is insanely high."

Uh-huh

[93+Escort+Wagon]

"Part of our interest in using safer languages like Rust in Tor is because a tiny mistake in C could have real consequences for real people," Tor developer Isis Agora Lovecruft posted on Twitter[.]

This line of thinking seems eerily similar to the arguments people make when they choose to roll their own encryption rather than rely on a pre-existing project like openssl.

Social Justice Warrior Blockbot user

Yeah, you should totally trust someone who runs Randi Harper's industry blacklist of "problematic" people in tech. Problematic... like White people. Or Male Identifying Penis Carrying Humanoids. Or the more than three quarters of the US who didn't want to follow the faux-left Clintonites down the drain.

Hell, the "they/them" madeup bullshit pronouns on his twitter profile is enough to stop paying attention to him, but the fact that he joined in on or even spearheaded the Jacob Applebaum lynch mob which was later proven to be a hoax created by 3 white knights who refused to even ask the supposed "victims" (who rejected it outright) they decided to speak on behalf of is enough: https://twitter.com/isislovecr...

(Personal rule: Someone who claims to have made up bullshit pronouns is male. Since gender is a social construct and men and women have equal rights, this is not transphobic because gender doesn't matter, right?)

Also, what's the "insanely high" bar for C? Knowing how to code? Yes, yes. Very problematic. Why would you want to require people to know how to code to contribute source code to a browser that millions rely on to keep themselves safe from being killed to actually know how to... contribute source code.

I am all for it

I am all for it. I know there will appear a group of people here bragging how they are good programmers and never do memory bugs in C. Maybe it is true, maybe not. Still, show me even one bigger project written in C that never had any memory management related bug!

In a bigger project, you will not have just have programmers belonging to this elite. You will also attract less skilled developers. This could partly be solved by having more peer-review, but the more peer-review you have of the code and the more checks you do before committing, the slower the development process becomes. And even high class projects with amazing history of C usage like, OpenBSD, occasionally have their bugs.

My opinion is that it is better if the peer-review time and development time is spent on getting the algorithms correct rather than hunting around for memory handling issues.

My biggest concern about this move is the state of Rust. It is still somewhat "unstable" as it is a young language with heavy development.