Announcement

Collapse
No announcement yet.

Mozilla Has Been Rewriting Its Crash Reporter In Rust

Collapse
X
Collapse
 
  • Page of 6
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 6 template Next
  • #1

    Mozilla Has Been Rewriting Its Crash Reporter In Rust

    Phoronix: Mozilla Has Been Rewriting Its Crash Reporter In Rust

    Mozilla hopes you'll never have to see it, but they've been rewriting their crash reporting application for Firefox within the Rust programming language...

    Mozilla Has Been Rewriting Its Crash Reporter In Rust - Phoronix
    https://www.phoronix.com/news/Mozilla-Rust-Crash-Reporter
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    I notice I haven't seen a crash in quite awhile. Kind of nice.
    • Likes 23

    Comment

    • #3
      I'm surprised that GTK was the easiest of the three to implement. My experience with it has been quite poor compared to using qt.

      If that's the simplest of the bunch, I don't want to see the win32/cocoa versions
      • Likes 8

      Comment

      • #4
        Nice to see Mozilla is a bit back on the Rust track.
        • Likes 6

        Comment

        • #5
          Originally posted by kvuj View Post
          I'm surprised that GTK was the easiest of the three to implement. My experience with it has been quite poor compared to using qt.

          If that's the simplest of the bunch, I don't want to see the win32/cocoa versions
          Firefox has always been using GTK for it's UI and I am not surprised by Firefox's experience with this given they are already used to the model and UI is pretty minimal for this kind of application anyway. Windows on the other hand is always a pain for cross platform work.
          • Likes 10

          Comment

          • #6
            Originally posted by kvuj View Post
            I'm surprised that GTK was the easiest of the three to implement. My experience with it has been quite poor compared to using qt.

            If that's the simplest of the bunch, I don't want to see the win32/cocoa versions
            I don't know how much better MFC is, and I've barely made headway into my copy of Programming Starter Kit for Macintosh for my Power Mac G4 running Mac OS 9, let alone Carbon or Cocoa, but the base Win32 API is closer to Xlib or SDL than to GTK, in terms of how you interact with it.
            • Likes 2

            Comment

            • #7
              Originally posted by kvuj View Post
              I'm surprised that GTK was the easiest of the three to implement. My experience with it has been quite poor compared to using qt.
              I din't do gui programming for some time now, but last time I checked - maybe some 10 years ago, I found gtk3's API quite clean and easy to use - even though it was a C API. Qt was okay too, but had some annoying things which was why I preferred GTK back then.
              • Likes 3

              Comment

              • #8
                Rust is great and allows writing more secure applications easily. Unless you're using it on broken by design "operating systems" like Windows:

                Critical Rust flaw enables Windows command injection attacks
                https://www.bleepingcomputer.com/news/security/critical-rust-flaw-enables-windows-command-injection-attacks/
                Threat actors can exploit a security vulnerability in the Rust standard library to target Windows systems in command injection attacks.


                Threat actors can exploit a security vulnerability in the Rust standard library to target Windows systems in command injection attacks.

                GitHub rated this vulnerability as critical severity with a maximum CVSS base score of 10/10. Unauthenticated attackers can exploit it remotely, in low-complexity attacks, and without user interaction.​

                "An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. The severity of this vulnerability is critical if you are invoking batch files on Windows with untrusted arguments. No other platform or use is affected."

                The Rust security team faced a significant challenge when dealing with cmd.exe's complexity since they couldn't find a solution that would correctly escape arguments in all cases.

                Flatt Security engineer Ryotak discovered the vulnerability and dubbed it BatBadBut, says the flaw also impacts the following programming languages—however, not all of them have released patches:
                • Erlang (documentation update)
                • Go (documentation update)
                • Haskell (patch available)
                • Java (won’t fix)
                • Node.js (patch will be available)
                • PHP (patch will be available)
                • Python (documentation update)
                • Ruby (documentation update)
                Using Windows is messing with fire. So much developers time wasted on fixing this m$ crap. Still insecure after all those years.
                Last edited by Volta; 23 April 2024, 04:41 PM.
                • Likes 13

                Comment

                • #9
                  Originally posted by andyprough View Post
                  I notice I haven't seen a crash in quite awhile. Kind of nice.
                  Had one the other day when I left my PC on over night...
                  • Likes 2

                  Comment

                  • #10
                    Lol, this is probably to prevent the crash recorder from crashing.
                    • Likes 3

                    Comment

                    Previous 1 2 3 4 6 template Next
                    Working...
                    X