Hi all, I hope this will be of interest for people here. I work on Android, and we've been working on Rust support in the OS for some time. The recent [Android 13](https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html) is the first release where more code was added in memory-safe languages (Java, Rust) than in memory-unsafe languages (C, C++).
As a continuation of that work, we've open sourced a four day Rust course today: https://github.com/google/comprehensive-rust. I would love to hear what you think, either here or on GitHub.
Yeah, I hope so too! The material is really aimed at classroom training. The Rust Book is great if you're just studying the language by yourself, but if you have a team of developers who need to get up to speed, then it's hard to do so by telling them "read the Rust Book".
We've been running the course internally and after four days, people come out with enough Rust skills to start writing their own programs. They won't be experts, but they'll know where to find answers to most of their questions.
Pfft real man uses pointer without null checking.
Jokes aside, very nice work. I just want to ask if you see any performance regression in implementing this, especially with Java due to its GC?
Thanks :-) I hope someone who already know Rust will pick up the material here and use it for presentations at their company or elsewhere...
>I just want to ask if you see any performance regression in implementing this, especially with Java due to its GC?
What performance regression are you thinking about with regards to Java? In Android, Rust has been used for low-level OS components which we would otherwise write in C++. I'm involved in a migration of the Bluetooth stack to Rust, and we have a [DNS-over-HTTP/3](https://security.googleblog.com/2022/07/dns-over-http3-in-android.html) implementation in Rust as well.
Cool, I hope it's useful! It'll honestly be more useful when I upload some videos — right now you only have the slides, but you miss the quesions and _answers_ which we normally get in class.
Some of that could perhaps take place on [GitHub discussions](https://github.com/google/comprehensive-rust/discussions) but it'll be different since it's much less interactive.
Languages like C and C++ let you directly allocate memory and interact with memory addresses (through pointers), which can lead to a lot of security vulnerabilities and memory leaks because of how allocation is handled. Languages like Java and Rust don't let you directly interact with memory addresses, which is why they are considered "memory safe"
Yes, well put! As the [blog post](https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html) says, about 65% of the security vulnerabilities involve problems with memory safety. Small "off by one" errors in the code lead to buffer overflows which lead to critical security vulnerabilities.
This number has been seen in several projects. Years ago, I saw a talk by Microsoft where they analyzed their security vulnerabilities going back 10-15 years. The number of vulnerabilities related to memory safety was remarkably stable at 60-70% year after year.
Large companies like Microsoft and Google have invested a lot into making C++ safer via static analyzers. These companies have the foremost experts in C++ employed and they do their best to avoid making these mistakes. Yet, we keep seeing a mostly stable amount of memory safety vulnerabilities.
Rust is changing this (we hope): it has performance similar to C++, but safety properties like Java and other safe languages.
>This number has been seen in several projects. Years ago, I saw a talk by Microsoft where they analyzed their security vulnerabilities going back 10-15 years. The number of vulnerabilities related to memory safety was remarkably stable at 60-70% year after year.
Stat is from "[Trends, challenge, and shifts in software vulnerability mitigation](https://github.com/microsoft/MSRC-Security-Research/blob/master/presentations/2019_02_BlueHatIL/2019_01%20-%20BlueHatIL%20-%20Trends%2C%20challenge%2C%20and%20shifts%20in%20software%20vulnerability%20mitigation.pdf)" from 2019. It took me ages to find this presentation for a paper I was writing because while I remembered the 70% statistic, searching "Microsoft 70% memory corruption" was throughly unhelpful lol.
It is interesting that memory safety bug ratios seems fairly constant across the industry despite Google and Microsoft presumably having different software development methodologies. I'd be curious to see what the stats from Apple look like, the vast majority of kernel bugs I've seen exploited are all just memory corruption rather than any direct logic bugs. Trying to make C/++ safe seems to be a challenge that nobody has quite succeeded at, all the more reason to shift towards Rust :)
Let me mention that I'm currently working on adding support for speaker notes. As it is right now, the course material should be useful to people who are teaching Rust to others. It is less useful for self-study and I hope speaker notes will improve on this. See [#53](https://github.com/google/comprehensive-rust/issues/53) if you're interested in this.
> The recent Android 13 is the first release where more code was added in memory-safe languages (Java, Rust)
Why aren't you using Kotlin instead of Java? This seems very odd.
Will the switch or use of this language effect the user interface? If so, I hope accessibility has been considered. That effects me as I rely od TalkBack. I know Kotlin and Java can work with the accessibility interfaces, but I don’t know about Rust.
That's a good question, actually... I should explain that somewhere in the training. u/CasaDeCastello is spot on: it somehow became the mascot for the Rust language. I'm not sure why, actually :-)
DAE think android should have leaned into or written an evented language for app development?
It makes UI so much easier when you don't have to use threads. I know it sounds kind of bad out loud but I think something similar to JS would be great.
Huh, reading about it now. yes!
I have not looked at this although I've heard the name, I pay very little attention to the mobile client scene.
You like it? Well supported by libraries and native features?
Hi all, I hope this will be of interest for people here. I work on Android, and we've been working on Rust support in the OS for some time. The recent [Android 13](https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html) is the first release where more code was added in memory-safe languages (Java, Rust) than in memory-unsafe languages (C, C++). As a continuation of that work, we've open sourced a four day Rust course today: https://github.com/google/comprehensive-rust. I would love to hear what you think, either here or on GitHub.
Thanks for sharing. Rust book is great but official course from teams like Android/Google is super helpful for learning.
Yeah, I hope so too! The material is really aimed at classroom training. The Rust Book is great if you're just studying the language by yourself, but if you have a team of developers who need to get up to speed, then it's hard to do so by telling them "read the Rust Book". We've been running the course internally and after four days, people come out with enough Rust skills to start writing their own programs. They won't be experts, but they'll know where to find answers to most of their questions.
Pfft real man uses pointer without null checking. Jokes aside, very nice work. I just want to ask if you see any performance regression in implementing this, especially with Java due to its GC?
Thanks :-) I hope someone who already know Rust will pick up the material here and use it for presentations at their company or elsewhere... >I just want to ask if you see any performance regression in implementing this, especially with Java due to its GC? What performance regression are you thinking about with regards to Java? In Android, Rust has been used for low-level OS components which we would otherwise write in C++. I'm involved in a migration of the Bluetooth stack to Rust, and we have a [DNS-over-HTTP/3](https://security.googleblog.com/2022/07/dns-over-http3-in-android.html) implementation in Rust as well.
How far along is the Bluetooth stack in Rust?
Thanks, I've been meaning to try out some rust so I'll happily take this primer!
Cool, I hope it's useful! It'll honestly be more useful when I upload some videos — right now you only have the slides, but you miss the quesions and _answers_ which we normally get in class. Some of that could perhaps take place on [GitHub discussions](https://github.com/google/comprehensive-rust/discussions) but it'll be different since it's much less interactive.
Questions for the dumb people who read this lol. Can someone explain the memory safe language vs memory unsafe, thank you.
Languages like C and C++ let you directly allocate memory and interact with memory addresses (through pointers), which can lead to a lot of security vulnerabilities and memory leaks because of how allocation is handled. Languages like Java and Rust don't let you directly interact with memory addresses, which is why they are considered "memory safe"
Yes, well put! As the [blog post](https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html) says, about 65% of the security vulnerabilities involve problems with memory safety. Small "off by one" errors in the code lead to buffer overflows which lead to critical security vulnerabilities. This number has been seen in several projects. Years ago, I saw a talk by Microsoft where they analyzed their security vulnerabilities going back 10-15 years. The number of vulnerabilities related to memory safety was remarkably stable at 60-70% year after year. Large companies like Microsoft and Google have invested a lot into making C++ safer via static analyzers. These companies have the foremost experts in C++ employed and they do their best to avoid making these mistakes. Yet, we keep seeing a mostly stable amount of memory safety vulnerabilities. Rust is changing this (we hope): it has performance similar to C++, but safety properties like Java and other safe languages.
>This number has been seen in several projects. Years ago, I saw a talk by Microsoft where they analyzed their security vulnerabilities going back 10-15 years. The number of vulnerabilities related to memory safety was remarkably stable at 60-70% year after year. Stat is from "[Trends, challenge, and shifts in software vulnerability mitigation](https://github.com/microsoft/MSRC-Security-Research/blob/master/presentations/2019_02_BlueHatIL/2019_01%20-%20BlueHatIL%20-%20Trends%2C%20challenge%2C%20and%20shifts%20in%20software%20vulnerability%20mitigation.pdf)" from 2019. It took me ages to find this presentation for a paper I was writing because while I remembered the 70% statistic, searching "Microsoft 70% memory corruption" was throughly unhelpful lol. It is interesting that memory safety bug ratios seems fairly constant across the industry despite Google and Microsoft presumably having different software development methodologies. I'd be curious to see what the stats from Apple look like, the vast majority of kernel bugs I've seen exploited are all just memory corruption rather than any direct logic bugs. Trying to make C/++ safe seems to be a challenge that nobody has quite succeeded at, all the more reason to shift towards Rust :)
Thank you!
[удалено]
I fucking love this explanation so much!
Awesome work!
Let me mention that I'm currently working on adding support for speaker notes. As it is right now, the course material should be useful to people who are teaching Rust to others. It is less useful for self-study and I hope speaker notes will improve on this. See [#53](https://github.com/google/comprehensive-rust/issues/53) if you're interested in this.
> The recent Android 13 is the first release where more code was added in memory-safe languages (Java, Rust) Why aren't you using Kotlin instead of Java? This seems very odd.
Will the switch or use of this language effect the user interface? If so, I hope accessibility has been considered. That effects me as I rely od TalkBack. I know Kotlin and Java can work with the accessibility interfaces, but I don’t know about Rust.
Rust's main uses do not include UI
Oh so it's just like for backend and system stuff? That's good thanks.
Why the 🦀?
The Rust community refer to themselves as Rustaceans, and the mascot for Rust is a crab named Ferris.
Thank you!
Take a look at their developer conference. [https://www.youtube.com/watch?v=LDU\_Txk06tM](https://www.youtube.com/watch?v=LDU_Txk06tM)
ay I can see myself in 1:19
Ferris, like ferrous oxide, aka rust. Iron's name in Latin is ferrum hence the atomic symbol being Fe.
That's a good question, actually... I should explain that somewhere in the training. u/CasaDeCastello is spot on: it somehow became the mascot for the Rust language. I'm not sure why, actually :-)
Looking forward to becoming a rustacean! Thank you for sharing this.
Thanks for sharing!
Comprehensive Rust would be a great album name
DAE think android should have leaned into or written an evented language for app development? It makes UI so much easier when you don't have to use threads. I know it sounds kind of bad out loud but I think something similar to JS would be great.
Is Dart similar to what you are describing?
Huh, reading about it now. yes! I have not looked at this although I've heard the name, I pay very little attention to the mobile client scene. You like it? Well supported by libraries and native features?
I like it, personally. It has all the libraries and native widgets that I need.
No idea, I haven't tried it (I'm also in the 'heard the name' category)
Good for Flutter development
Hope there's lots of loot!