iTnews

Microsoft decides Rust could prevent flaws its own C# can’t quit crimp

By Simon Sharwood on Jul 18, 2019 10:39AM
Microsoft decides Rust could prevent flaws its own C# can’t quit crimp

Another sign of Microsoft opening up.

Microsoft has again embraced and all-but-endorsed open source, perhaps in preference to its own products and technologies.

This time the company’s expressed an ardour for Rust, the programming language spawned by the Mozilla Foundation.

Microsoft’s ardour emerged in a post from Gavin Thomas, principal security engineering manager at the company’s Security Response Center (MSRC) that cited research finding “the majority of vulnerabilities fixed and with a CVE assigned are caused by developers inadvertently inserting memory corruption bugs into their C and C++ code.”

The post argues that this isn’t entirely developers’ fault by stating, “A developer’s core job is not to worry about security but to do feature work.” It therefore suggests they need “a development language where they can’t introduce memory safety issues into their feature work in the first place”.

Such languages exist. As the post points out, C++ is pretty good at this. So is the Microsoft-developed C#.

But MSRC thinks what the world needs now is “all the memory security guarantees of languages like .NET C# combined with all the efficiencies of C++” and concludes that “one of the most promising newer systems programming languages that satisfy those requirements is the Rust programming language originally invented by Mozilla.”

Thomas then wrote that, “You’re probably used to thinking about the Microsoft Security Response Center as a group that responds to incidents and vulnerabilities.

"We are a response organisation, but we also have a proactive role, and in a new blog series we will highlight Microsoft’s exploration of safer system programming languages, starting with Rust. Please do join us on our journey.”

It’s unclear if Microsoft has used Rust on products or cloud services.

It is clear that Satya Nadella’s Microsoft is open to good technology regardless of its source, and is far less interested in crusading for its own products.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
c microsoft mozilla programming rust software

Partner Content

Beat the DDoS blackmails in 2021
Partner Content Beat the DDoS blackmails in 2021
Why companies fail at picking cloud modernisation partners
Partner Content Why companies fail at picking cloud modernisation partners
Shut the door on ransomware
Partner Content Shut the door on ransomware
MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
Partner Content MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics

Sponsored Whitepapers

Five questions to ask before you upgrade to a SIEM solution
Five questions to ask before you upgrade to a SIEM solution
Effectively addressing advanced threats
Effectively addressing advanced threats
The risky business of open source
The risky business of open source
Ensure your e-signatures are legally binding
Ensure your e-signatures are legally binding
Mitigating open source risk in your organisation
Mitigating open source risk in your organisation

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • Beat the DDoS blackmailers in 2021
By Simon Sharwood
Jul 18 2019
10:39AM
0 Comments

Related Articles

  • DXC to deliver Australia's new job seeker platform
  • Microsoft, Cigna form coalition for digital records of Covid-19 vaccination
  • Mimecast says hackers hijacked its products
  • Suspected Russian hackers used Microsoft vendors to breach customers
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Australia Post is building a digital twin of its delivery network

Australia Post is building a digital twin of its delivery network

Google threatens to withdraw search engine in Australia

Google threatens to withdraw search engine in Australia

Trump pardons former Google self-driving car engineer

Trump pardons former Google self-driving car engineer

NBN Co runs fixed wireless tower on diesel generator for over two years

NBN Co runs fixed wireless tower on diesel generator for over two years

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.