✨ DG OPINION ON SAFETY FOR ISO C++
From the paper:
🪲 "We believe we should not force safety on everyone, especially
those who don't need or want it."
🦀 "Rust, originally from Mozilla, built on top of C++ became the poster child of a safe browser language"
🦀 "Newer languages have less vulnerabilities because they have not
been through the test of time. Today, even RUST has had vulnerabilities discovered recently
[Rust2][Rust3][Rust4] and time will expose more vulnerabilities and weaknesses for general use."
Source:
https://www.reddit.com/r/rust/comments/10gi09w/dg_opinion_on_safety_for_iso_c/
#rust #rustlang #rusties #rustaceans #cpp #cplusplus #programming #infosec #rustacean
🦀 + 🐍
#Granian: Rust HTTP server for Python applications
- Supports ASGI/3, RSGI and WSGI
- HTTP 1 & 2 protocols
- Avoid the usual Gunicorn + uvicorn + http-tools dependency composition on unix systems
✨ Introducing sqlite-xsv: The Fastest CSV Parser for SQLite
- New SQLite extension for querying CSVs, TSVs, and other-SVs, written in Rust
- Querying gzip'ed & zstd compressed files directly
https://github.com/asg017/sqlite-xsv
🦀 🪲 Watch out for DoS Vulnerability when using Rust's popular Hyper package
- Forgetting to set proper limits on HTTP requests
- Up to developers that rely on Hyper to implement size check in their own code
https://jfrog.com/blog/watch-out-for-dos-when-using-rusts-popular-hyper-package/
The JFrog Security Research team is constantly looking for new and previously unknown vulnerabilities and security issues in popular open-source projects to help improve their security posture and defend the wider software supply chain. As part of this effort, we recently discovered and disclosed multiple vulnerabilities in popular Rust projects such as Axum, Salvo and …
🦀 Supporting the Use of Rust in the Chromium Project
- a simpler (no IPC) and safer
- Less complex C++ overall, no memory safety bugs
- Speed up development (less code to write)
https://security.googleblog.com/2023/01/supporting-use-of-rust-in-chromium.html
🦀 Security issue #Rust
- Cargo didn't perform SSH host key verification when cloning indexes and dependencies via SSH
- An attacker could exploit this to perform man-in-the-middle attacks
- Cargo before 1.66.1 vulnerable
🦀 Did you know you can run Rust code one by one just like Python with an interactive REPL?
cargo install evcxr_repl
🦀 Rust: Memory Safe Languages in Android 13 (post by @jeffvanderstoep)
- To date, there have been zero memory safety vulnerabilities discovered in Android's Rust code
- In Android 13, about 21% of all new native code is in Rust
- Migrated VM firmware in the Android Virtualization Framework to Rust
https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html
#infosec #androidsecurity #memorysafety #exploits #rust #rustlang #rustaceans #rusties