Robust Rust trust discussed after Moz cuts leave folks nonplussed: Foundation mulled for coding language

Cannot infer an appropriate lifetime, indeed

Following Mozilla's announcement last week that it would restructure and cut 250 jobs, the Rust Project, which oversees the Rust programming language, on Tuesday said it plans to work with Mozilla to create a Rust foundation by the end of the year.

"Understandably, these layoffs have generated a lot of uncertainty and confusion about the impact on the Rust project itself," the project's spokespeople said in a statement. "Our goal in this post is to address those concerns."

Starting a foundation, or putting a software project under an existing one, is a step that occurs when the code base has reached a level of maturity, adoption, and stability. It's commonly done when projects incubated within commercial companies seek to advertise their independence and neutrality; signals essential to generating enthusiasm from contributors at competing firms and independent developers.

Google's decision not to put its Istio and Knative projects under a neutral foundation like the CNCF, and the ongoing concern in the open source community about that choice, serves as an example of the importance of perception in such matters.

For Rust, there's less concern about the ulterior motives of its corporate patron, given that Mozilla doesn't throw its weight around like Oracle or other tech giants that oversee or contribute to open source projects.

But the Rust project, which only reached its 1.0 release five years ago, remains concerned with being seen as a healthy, evolving endeavor, a prerequisite for corporate adoption and for attracting contributors.


Mozilla signs fresh Google search deal worth mega-millions as 25% staff cut hits Servo, MDN, security teams


Rust is being used in services run by 1Password, Cloudflare, Discord, Dropbox, Amazon, and Figma, to name a few, and Microsoft is exploring its use for safer systems programming. Some of these companies are among its corporate sponsors, along with Arm, AWS, Google Cloud, and GitHub.

Demonstrating awareness of the need to operate without the appearance of favoritism or corporate capture, project leaders say that the Rust infrastructure team will work to ensure the project doesn't become dependent on a single sponsor.

The increasing adoption of Rust, perhaps even more than the instability of Mozilla, argues for a sustainable management structure through which contributors, users, and interested parties can address concerns on a level playing field.

"As the project has grown in size, adoption, and maturity, we’ve begun to feel the pains of our success," the Rust project said. "We’ve developed legal and financial needs that our current organization lacks the capacity to fulfill."

A foundation will provide a way to operate that doesn't depend on Mozilla. Its first task, the Rust project says, will be moving the trademarks and domain names associated with Rust, Cargo, and into the foundation.

Rust was the second-fastest growing programming language in 2019, according to GitHub's State of the Octoverse report. Usage grew 245 per cent, behind only Dart at 532 per cent. ®

Other stories you might like

  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading
  • Big Tech loves talking up privacy – while trying to kill privacy legislation
    Study claims Amazon, Apple, Google, Meta, Microsoft work to derail data rules

    Amazon, Apple, Google, Meta, and Microsoft often support privacy in public statements, but behind the scenes they've been working through some common organizations to weaken or kill privacy legislation in US states.

    That's according to a report this week from news non-profit The Markup, which said the corporations hire lobbyists from the same few groups and law firms to defang or drown state privacy bills.

    The report examined 31 states when state legislatures were considering privacy legislation and identified 445 lobbyists and lobbying firms working on behalf of Amazon, Apple, Google, Meta, and Microsoft, along with industry groups like TechNet and the State Privacy and Security Coalition.

    Continue reading
  • SEC probes Musk for not properly disclosing Twitter stake
    Meanwhile, social network's board rejects resignation of one its directors

    America's financial watchdog is investigating whether Elon Musk adequately disclosed his purchase of Twitter shares last month, just as his bid to take over the social media company hangs in the balance. 

    A letter [PDF] from the SEC addressed to the tech billionaire said he "[did] not appear" to have filed the proper form detailing his 9.2 percent stake in Twitter "required 10 days from the date of acquisition," and asked him to provide more information. Musk's shares made him one of Twitter's largest shareholders. The letter is dated April 4, and was shared this week by the regulator.

    Musk quickly moved to try and buy the whole company outright in a deal initially worth over $44 billion. Musk sold a chunk of his shares in Tesla worth $8.4 billion and bagged another $7.14 billion from investors to help finance the $21 billion he promised to put forward for the deal. The remaining $25.5 billion bill was secured via debt financing by Morgan Stanley, Bank of America, Barclays, and others. But the takeover is not going smoothly.

    Continue reading

Biting the hand that feeds IT © 1998–2022