1. 1

    We don’t want to get submissions for every CVE and, if we do get CVEs, we probably want them tagged security.

    1. 16

      while I agree with you in this case, I don’t particularly like the “I speak for everyone” stance you seem to be taking here.

      1. 9

        This one is somewhat notable for being the first (?) RCE in Rust, a very safety-focused language. However, the CVE entry itself is almost useless, and the previously-linked blog post (mentioned by @Freaky) is a much better article to link and discuss.

        1. 4

          Second. There was a security vulnerability affecting rustdoc plugins.

      2. 4

        Do you think an additional CVE tag would make sense? Given there’s upvotes some people seem to be interested.

        1. 2

          That’d be a good meta tag proposal thread.

        2. 4

          Yeah, I’d rather not have them at all. Maybe a detailed, tech write-up of discovery, implementation, and mitigation of new classes of vulnerability with wide impact. Meltdown/Spectre or Return-oriented Programming are examples. Then, we see only the deep stuff with vulnerability-listing sites having the regular stuff for people using that stuff.

          1. 5

            seems like a CVE especially arbitrary code execution is worth posting. my 2 cents

            1. 5

              There are a lot of potentially-RCE bugs (type confusion, use after free, buffer overflow write), if there was a lobsters thread for each of them, there’d be no room for anything else.

Here’s a short list from the past year or two, from one source: https://bugs.chromium.org/p/oss-fuzz/issues/list?can=1&q=Type%3DBug-Security+label%3AStability-Memory-AddressSanitizer&sort=-modified&colspec=ID+Type+Component+Status+Library+Reported+Owner+Summary+Modified&cells=ids

              1. 2

I’m fully aware of that. What I was commenting on was Rust having one of these RCE-type bugs, which, to me, is worthy of discussion. I think it’s weird to police these like they’re some kind of existential threat to the community, especially given how much enlightenment can be gained by discussion of their individual circumstances.

                1. -1

                  But that’s not Rust, the perfect language that is supposed to save the world from security vulnerabilities.

                  1. 3

                    Rust is not and never claimed to be perfect. On the other hand, Rust is and claims to be better than C++ with respect to security vulnerabilities.

                    1. 0

                      It claims few things - from the rustlang website:

                      Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety.

                      None of those claims are really true.

                      It’s clearly not fast enough if you need unsafe to get real performance - which is the reason this cve was possible.

                      It’s clearly not preventing segfaults - which this cve shows.

                      It also can’t prevent deadlocks so it is not guaranteeing thread safety.

                      I like rustlang but the claims it makes are mostly incorrect or overblown.

                      1. 2

                        Unsafe Rust is part of Rust. I grant you that “safe Rust is blazingly fast” may not be “really true”.

                        Rust prevents segfaults. It just does not prevent all segfaults. For example, a DOM fuzzer was run on Chrome and Firefox and found segfaults, but the same fuzzer run for the same time on Servo found none.

I grant you on deadlocks. But “Rust prevents data races” is true.

                    2. 2

                      I’m just going to link my previous commentary: https://lobste.rs/s/7b0gab/how_rust_s_standard_library_was#c_njpoza

              1. 12

                Ha, nice to see that here. By the way, here’s the full playlist for RustFest, which I have run over the last 4 days (there was only 1 talk day):

                https://www.youtube.com/watch?v=23lRkdDXqY0&list=PL85XCvVPmGQgdqz9kz6qH3SI_hp7Zb4s1

                For those interested: next RustFest is in September/October.

                1. 3

                  For those interested: next RustFest is in September/October.

                  Has the location been decided yet?

                  1. 4

                    Rome. We’re currently searching for venues, expect a date announcement in June (or later, depending on how well the venue search goes).

                    1. 2

                      It was announced to be Rome at RustFest Paris, not sure if there has been some official announcement on the internet yet.

                      1. 3

                        We can’t get much more official: https://twitter.com/RustFest/status/1000403458212671488

                      2. 1

                        Thanks all. I’ll keep an eye out for the dates and see if I can schedule a little trip from AU to Italy later in the year.

                    1. 2

                      The most important Git hook is “post-update” on a remote test repository that can update the working copy after you push to it, run tests and conditionally push to a production repo.

                      1. 2

                        I use the post-receive hook to checkout, build and deploy a couple of small services on my personal server (blog, wiki, an irc bot, …). Works reasonably well and has this heroku-like feeling.

                      1. 3

                        One problem with this move to a self-run CA now is that my RSS feeder is unable to fetch the feed, as it correctly does proper cert checks. I would need to hack around to get it working again on a not-run-under-my-control instance on Heroku.

                        1. 1

                          What are proper cert checks?

                          1. 1

                            Signed by a trusted CA in your chain & hostname in the cert itself.

                          2. 1

                            Yeah, the RSS situation is regrettably more complicated than I’d thought. I’m going to punch a hole for it.

                            I’d say something about depending on services you don’t control, but I think one ideological battle will suffice. :)

                          1. 9

                            “In this talk, I will describe my experiences at Microsoft building a new operating system written entirely in a Rust-like safe systems language. I will also talk about my subsequent efforts taking those experiences and applying them to the heart of Windows, and the associated technical and cultural challenges. “ (Joe Duffy of Microsoft Midori)

                            I’m already regretting I can’t be there. His write-ups on Midori showed it to be some amazing research. I’m sure his talk plus any collaboration with him on improving or utilizing Rust in system software would all be really interesting. Hopefully, it inspires some practical work down the line.

                            1. 7

While definitely not the same as hearing the talk and being able to talk to the speaker afterwards, talks should be recorded and available online after the conference.

                              1. 1

                                Appreciate the tip!

                              2. 4

                                We love exchanges with other programming language communities, in both ways :). For example, Aaron Turon was keynote speaker at the Scala Days a while ago.

                                I can’t chat too much, but we have at least a teasing submission in that category for RustFest, too.

                              1. 4

                                The post doesn’t mention any results from this approach, do you have any?

                                1. 3

                                  I can’t publish actual results for obvious reasons, but it does find a few servers in a short time (~15-30 minutes maybe, I wasn’t paying attention to the terminal)

                                  1. 1

                                    Cool, that’s all I meant really. Can you say how many IPs you had to hit before finding those few? Or the average IPs per second? Thanks.

                                  2. 2

Scanning the internet randomly in that way is not gonna lead to a lot of results, at least not in any reasonable time frame. If you instead look at sites that crawl the internet for a living, you get 17,000 results. Not all are actually Redis nodes and not all Redis nodes are completely open.

Attack vectors on Redis to compromise the whole system have been known for quite some time, and Redis now has better defaults and a protected mode by default. But people tend to not update it. We still regularly have users coming into the IRC channel asking for help with a cleaned/exploited Redis node.

                                    I keep reminding people to not open up each and every service to the whole wide internet.

                                    1. 2

                                      Yeah indeed, that’s exactly why I asked for the results - I’m curious to see if they found a single one with this technique.

                                  1. 3

                                    I’m not a rust person, figured I’d give it a try.

                                    Can’t get the hello-world example to build because cargo can’t fetch the crates index because of some git issue talking to https://github.com/...

                                    Every time I try projects like this, and the tooling is wonky, it makes me appreciate golang that much more.

                                    Fascinating that someone voted this down as (incorrect). I can show you my terminal if you want, this did actually happen, and is actually a defect.

                                    1. 5

                                      Too bad this happened. Given the limited info you gave it could be different things: 1. a transient error connecting to github 2. a proxy in use that somehow breaks the connection 3. using a broken version of cargo (yes, we had that recently…)

                                      From my own experience I find the Rust tooling far more reliable than what Go offers.

                                      1. 2

Do you think that’s because golang has concretely better tooling in some way or because you’ve grown accustomed to its quirks? I’ve experienced the promising new library without a working example a lot, regardless of language. I’d be curious to hear what approach go takes that can address it.

                                        1. 5

                                          Quirks that hang up new golang devs:
                                          * $GOPATH
                                          * the import system
                                          * (new) vendoring

                                          Things that golang gets right:
                                          * When things fail, they fail in very transparent ways. An example would be, if I had the above issue, I would 100% be able to reproduce it if I tried a git clone myself, vs. rust where it’s not shelling out and it’s some other configuration or library issue.
                                          * golang has no configuration files, everything you need can be inferred by what’s on disk.

                                          Basically it comes down to, an initial hurdle of slight magic with golang, and then extreme transparency and logic with everything after that initial acclimation period.

                                        2. 2

                                          On other end of spectrum, I had to try to code something in a hurry on a new computer without knowing tooling or programming due to memory loss. FreeBASIC did a simple install, I/O worked as in tutorials, typed stuff into text editor, and ran compiler with terminal command.

                                          Effortless just like QBasic I started with ages ago. Another good one from my early time was LISP box or something like that. Integrated everything from editor to compiler in one executable. Stuff like this is how I judge how easy tooling is to install and get running with.

                                        1. 8

                                          I liked the bit about the new ? operator. A convincing argument for when something should be turned into a language built-in (in my opinion).

                                          1. 8

                                            I’m concerned with how subtle it is. It took me a while to figure out the revised code because I just didn’t see the first ?. I saw the second, but couldn’t figure out how it worked.

                                            Maybe rust isn’t C, but I’ve never liked control flow macros. I get nervous when I can’t see all the ways out of a function.

                                            1. 2

                                              I really like the new operator - but I can understand that people might find it too invisible when glancing at a codebase.

The big benefit of ? compared to throw of other languages (C++, Java) is that the underlying concept (Result<T>) forces you to handle the possibility of errors in every layer. Compared to C or Go (both force you to think about adding if err != nil { return err; }).

                                              So compared to Java/C++ it’s more obvious where errors can happen and compared to C/Go it’s forcing you to handle errors where they happen (just ignoring a Result will result in a compiler warning).

                                              1. 2

                                                I’m concerned with how subtle it is.

But isn’t that the intention? The idea is that it looks like you’d write code almost as if errors don’t exist, while giving the possibility to let errors bubble up. I agree that it hides errors to some extent, but the same is true for checked exceptions or error monads.

                                                1. 5

                                                  I don’t like exceptions either.

                                                2. 1

                                                  I share your overall unease with hidden function-exits and would recoil at seeing things like break/continue/goto/return in a macro, but I don’t think all control-flow macros are necessarily bad (e.g. the Linux kernel’s list_for_each or the analogous sys/tree.h traversal macros in BSDland).

                                                3. [Comment removed by author]

                                                  1. 3

                                                    HKT and do notation has a number of unresolved questions in Rust, ones that might take years to be resolved, if ever.

                                                    The need to make error handling is immediate and affects most Rust users.

If that ends up being a wart on the language in years, well, at least everyone’s life will be improved between now and then. Rust will never be perfect.

                                                    1. 3

                                                      Wouldn’t that require quite large changes to the type system, including higher-kinded types?

                                                      But I agree that it could be more powerful, such that it would also work for e.g. Option…

                                                      1. 1

                                                        The current implementation might only be the first step. There’s an open RFC discussing the possibility of introducing a new trait that can abstract the handling of the question mark operator. With this, it would be possible to implement it for both Result and Option
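An added example (not code from the original thread or from any Rust RFC) illustrating the two points made above: first, that each `?` is an early return that the compiler forces you to acknowledge through the `Result` type, shown beside the hand-desugared `match` form so the hidden exits are visible; second, that `?` also works on `Option`, which goes beyond the RFC stage described in the comment above and is stable in current Rust. The `ConfigError` type, the `parse_lines` helper and the "key = value" input are constructed for this example.

```rust
use std::collections::HashMap;
use std::num::ParseIntError;

// Hypothetical error type for this example (not from the page).
#[derive(Debug, PartialEq)]
enum ConfigError {
    MissingField(&'static str),
    BadNumber(ParseIntError),
}

// `?` calls `From::from` on the error value, so a ParseIntError coming out of
// `str::parse` is converted into ConfigError without an explicit map_err.
impl From<ParseIntError> for ConfigError {
    fn from(e: ParseIntError) -> Self {
        ConfigError::BadNumber(e)
    }
}

/// Parse "key = value" lines into a map (constructed sample format for this example).
fn parse_lines(text: &str) -> HashMap<&str, &str> {
    text.lines()
        .filter_map(|l| l.split_once('='))
        .map(|(k, v)| (k.trim(), v.trim()))
        .collect()
}

/// Every fallible step is marked by a `?`; each one is a possible early return.
/// A value like "99999" fails here because it does not fit in a u16.
fn port_with_question_mark(cfg: &HashMap<&str, &str>) -> Result<u16, ConfigError> {
    let raw = cfg.get("port").ok_or(ConfigError::MissingField("port"))?;
    let port: u16 = raw.parse()?; // ParseIntError -> ConfigError via From
    Ok(port)
}

/// The same function with `?` desugared by hand: identical behaviour, visible exits.
fn port_explicit(cfg: &HashMap<&str, &str>) -> Result<u16, ConfigError> {
    let raw = match cfg.get("port") {
        Some(r) => r,
        None => return Err(ConfigError::MissingField("port")),
    };
    let port: u16 = match raw.parse() {
        Ok(p) => p,
        Err(e) => return Err(ConfigError::from(e)),
    };
    Ok(port)
}

/// `?` on Option: a None at any step propagates as None from the whole function.
fn timeout_ms(cfg: &HashMap<&str, &str>) -> Option<u64> {
    let raw = cfg.get("timeout")?;
    let secs: u64 = raw.parse().ok()?;
    Some(secs * 1000)
}

fn main() {
    let cfg = parse_lines("port = 8080\ntimeout = 30\n");
    println!("{:?}", port_with_question_mark(&cfg));
    println!("{:?}", timeout_ms(&cfg));
    // Dropping a Result on the floor is not silent: uncommenting the next line
    // produces "warning: unused `Result` that must be used".
    // port_with_question_mark(&cfg);
}
```

The two `port_*` functions are interchangeable; the `?` version is what you would ship, the explicit version is what to read when you want to see every exit from the function.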

                                                      2. 2

                                                        How could it be more powerful than it is? Please explain, you really got my attention :D

                                                      3. 1

                                                        At first glance, I really like it. I code mostly backends in Erlang/Elixir. One of the biggest issues of my code is having nested cases (match in Rust or OCaml). Elixir somehow got it solved with the with special form. The RabbitMQ team created Erlando using Erlang’s parse transform (sort of macros) that adds syntax extensions to Erlang, with the do syntax for monads being the most important one to solve somehow this issue.

                                                        Is there any other way of solving this issue? Is there any other concept that solves this type of problem that is not somehow related to monads?

I ask this since in the last years it appeared to me that in the end if I don’t have support or tools similar to do notation I keep on reinventing the wheel or non-standard tools like Erlando or semi-powerful constructs like Elixir’s with.

                                                        1. 1

                                                          I’m looking at the special forms there, and I’m wondering why you need nested matches. It seems like the use case is subsumed by matching on a tuple instead of a single value.

                                                      1. 2

I used it for a university-internal security lab. It was easy to set up and did its job.

                                                        Though I’m not sure I’d deploy it on any Internet-exposed instance just yet.

                                                        1. 3

                                                          I think its important to read pedantic articles like “How to C” with a wider context. Try reading some other thoughts from the original article’s author:

https://matt.sh/searching-2013 – “So, the only place willing to hire me is the place where I both a.) didn’t do any live coding interviews and b.) never met anybody in person — their entire interview process was IM/Skype-based. I’m not sure what that says about me, but I try not to think about it.”

                                                          https://matt.sh/programming-errors – “This article is a quick overview of both technical and interpersonal errors we encounter when trying to develop software with more than one person. No literature was consulted. All thoughts are my own delusions.”

                                                          This post is a thoughtful critique, which is more than the original article deserved. “How to C”’s author is a classic programming troll. Granted, he’s a pretty good one, which makes it hard not to respond, but he’s a troll just the same.

                                                          Stop feeding the troll.

                                                          1. 2

                                                            I don’t think “troll” is a good word to describe Matt. I might call his piece an “accidental troll” instead.

                                                            Those quotes show that Matt might not have done lots of research to back up his original article, but they don’t at all imply that Matt published the article hoping to get a rise out of people for the parts that were wrong. The article looks like a genuinely-offered, but under-researched, set of suggestions.

                                                            1. 1

The article opens with “The first rule of C is don’t write C if you can avoid it.” It is filled with “modern rules” and “you’re doing it wrong”, and ends with, “Writing correct code at scale is essentially impossible.”

                                                              That piece is an accidental troll? I sense natural talent!

                                                              1. 1

                                                                For some reason that opening sentence is attributed to me. I’m fine with that though :D