Foundation thrillogy: Rust programming language gets new home and million-dollar spending account

Mozilla moves Rust under a non-profit foundation


Almost six years after it debuted, the Rust programming language is moving out of the Mozilla's house into a foundation of its own.

Mozilla and the Rust community on Monday plan to announce the creation of the Rust Foundation to oversee the sustenance of the language.

The non-profit foundation will manage the IT and administrative infrastructure that supports the open source Rust developer community, and will continue its technical governance of the language. It will do so with a budget of more than $1m annually, supported by founding member companies Amazon Web Services, Huawei, Google, Microsoft, and Mozilla.

"Mozilla incubated Rust to build a better Firefox and contribute to a better Internet," said Bobby Holley, principal software engineer at Mozilla and Rust Foundation board member, in a statement provided to The Register. "In its new home with the Rust Foundation, Rust will have the room to grow into its own success, while continuing to amplify some of the core values that Mozilla shares with the Rust community."

Based on a research project by then Mozilla developer Graydon Hoare, Rust saw its 1.0 release in 2015. As a systems programming language, it's unlikely to become as popular as higher-level languages that have a lower learning curve, like Python. Still, it has become moderately popular in the overall scheme of things and is now among the top options for those working on projects that prioritize security and stability.

While it only reached the top 20 programming languages last year, Rust has proven to be appealing because it can provide both performance and memory safety and because its online community has been well-run. It has been voted the "most loved" programming language five years in a row in Stack Overflow’s annual developer survey.

A sketch of the Rust programming language logo

In Rust we trust: Shoring up Apache, ISRG ditches C, turns to wunderkind lang for new TLS crypto module

READ MORE

For companies working on software projects that operate on a massive scale, Rust may be even more appealing. The Internet Security Research Group's decision to create Apache httpd module mod_tls in Rust to eventually replace mod_ssl, written in C, follows from the language's ability to improve memory safety.

At the AllThingsOpen virtual conference in May 2020, Microsoft cloud developer advocate Ryan Levick gave a presentation in which he explained why Microsoft is increasingly using Rust.

"The fact of the matter is that memory safety issues account for a large majority of CVEs (vulnerabilities) that we encounter in the wild," he explained, citing the lack of memory safety in C++ as the source of many woes.

Other leading technology companies like Apple, Amazon, Dropbox, Facebook, and Google, he said, have also recognized the benefits of Rust's safety capabilities.

In a blog post provided to The Register prior to publication, Ashley Williams, a member of the Rust Core team, said the first Rust Foundation board meeting has been scheduled for February 9th, at 1400 PT.

The group's ten-person board of directors consists of one representative from each of five founding member companies and five directors involved in Rust project leadership – two from the Core team and three focusing respectively on reliability, quality, and collaboration.

Williams emphasized not only that Rust represents a technical endeavor that strives to balance power with accessibility, but also that the project exemplifies a model for community and collaboration.

"Rust believes that the ability of anyone to participate in the design and development of Rust is a mission critical aspect of building a language and ecosystem that is truly accessible to everyone," she said.

In an email to The Register, Williams emphasized that The Rust Foundation intends to focus on the needs of project maintainers.

"We believe that the best possible Rust will be built by happy and supported people," she said. "With this in mind, I expect us to focus on developing methods for evaluating the quality of both the maintainer experience and then developing services and programs that help improve that."

"There are certain things the project has already identified as areas to target, including leadership and management skills, as well as collaboration, mediation, and conflict strategies. I also expect us to build new, and strengthen our existing, organizational relationships with other projects such as LLVM, as well as academic, research, and community organizations."

Williams said that the foundation is likely to focus on issues that volunteer organizations find challenging, like access to legal and financial planning resources.

"These and other services will help the project tighten up product policy and better execute events and programs such as the Rust All Hands, which lets us gather our more than 100 global project leaders for a week of direct sync collaboration, and Increasing Rust's Reach, a program designed to help folks from groups underrepresented in Rust become project contributors and leaders," she said.

Rust's greatest challenge at the moment, Williams said, is managing success.

"Rust is at what I anticipate is just the beginning of a large wave of adoption, and as has been seen in both open source and private organizations alike, this type of exponential growth can be a challenge to even the strongest and most resilient communities and cultures," said Williams.

At the same time, Williams acknowledges that Rust has to deal with issues that most significant open source projects eventually confront like auditing costs and developing a sustainable environment for maintainers.

"We talk about ecosystems in tech all the time, but rarely do we critically engage with the balancing act that comes with healthily sustaining them," said Williams. "Too often still, both industry and hobbyists alike see open source as without cost, but unlike the canonical saying 'free as in beer,' open source is more akin to 'free as in puppy.'"

For those who've never been given a puppy, suffice to say that you pay in other ways. ®

Similar topics


Other stories you might like

  • Prisons transcribe private phone calls with inmates using speech-to-text AI

    Plus: A drug designed by machine learning algorithms to treat liver disease reaches human clinical trials and more

    In brief Prisons around the US are installing AI speech-to-text models to automatically transcribe conversations with inmates during their phone calls.

    A series of contracts and emails from eight different states revealed how Verus, an AI application developed by LEO Technologies and based on a speech-to-text system offered by Amazon, was used to eavesdrop on prisoners’ phone calls.

    In a sales pitch, LEO’s CEO James Sexton told officials working for a jail in Cook County, Illinois, that one of its customers in Calhoun County, Alabama, uses the software to protect prisons from getting sued, according to an investigation by the Thomson Reuters Foundation.

    Continue reading
  • Battlefield 2042: Please don't be the death knell of the franchise, please don't be the death knell of the franchise

    Another terrible launch, but DICE is already working on improvements

    The RPG Greetings, traveller, and welcome back to The Register Plays Games, our monthly gaming column. Since the last edition on New World, we hit level cap and the "endgame". Around this time, item duping exploits became rife and every attempt Amazon Games made to fix it just broke something else. The post-level 60 "watermark" system for gear drops is also infuriating and tedious, but not something we were able to address in the column. So bear these things in mind if you were ever tempted. On that note, it's time to look at another newly released shit show – Battlefield 2042.

    I wanted to love Battlefield 2042, I really did. After the bum note of the first-person shooter (FPS) franchise's return to Second World War theatres with Battlefield V (2018), I stupidly assumed the next entry from EA-owned Swedish developer DICE would be a return to form. I was wrong.

    The multiplayer military FPS market is dominated by two forces: Activision's Call of Duty (COD) series and EA's Battlefield. Fans of each franchise are loyal to the point of zealotry with little crossover between player bases. Here's where I stand: COD jumped the shark with Modern Warfare 2 in 2009. It's flip-flopped from WW2 to present-day combat and back again, tried sci-fi, and even the Battle Royale trend with the free-to-play Call of Duty: Warzone (2020), which has been thoroughly ruined by hackers and developer inaction.

    Continue reading
  • American diplomats' iPhones reportedly compromised by NSO Group intrusion software

    Reuters claims nine State Department employees outside the US had their devices hacked

    The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters.

    NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.

    "Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations," an NSO spokesperson told The Register in an email. "To this point, we haven’t received any information nor the phone numbers, nor any indication that NSO’s tools were used in this case."

    Continue reading

Biting the hand that feeds IT © 1998–2021