为什么我们应该关注 Rust 语言?(微软Azure团队成员首次透露 Rust 在微软内部 ... ... ) by 张汉东老师
(标题党)
这是 微软 Azure 云团队 的 Ryan Levick 在 Rust Linz 线上Rust Meetup 的分享,分享内容主要是他对Rust语言的看法,其实这些看法对于 Rust 社区的老炮来说,都是老生常谈了。
我们更关注于Ryan的身份:他是微软Azure 云团队的人。通过他,我们可以了解更多关于 Rust 在微软应用的内幕。
这节视频的 Question环节(时间 42:26 )的第一个问题,就是主持人在问:
One very interesting question is in what ways is microsoft actively developing using Rust ? 一个非常有趣的问题是,微软正在以何种方式积极使用Rust?
看到这里,我才发现,原来国外 Rust 社区也非常关注这个问题。
Ryan 回答:
yes , so we 've written about this a little bits . um. in the blog and MSRC and i'm going to go all the way back to the begnning of the talk ,and go back to this graph that i showed here. 是的,所以,我们已经对此进行了一些介绍。比如,在博客和 MSRC (微软安全响应中心)中,我将回到讨论的开始,然后再回到我在此次分享中展示的那张图。
this is actually from the msrc, the microsoft security response center, which is the team in charge of security response at microsoft across all of our products, and about two years ago , they took a look at this graph and got very sad , and said we've been putting a lot of money into making our sofeware safer and which has been working , we have we find a lot more vulnerabilities ourselves instend of bad people finding them , before we do which is good , that's good, but what they wouldn't it be great if this number didn't you know if this didn't exist , and we didn't have to worry about finding them before the bad people did because they just didn't exist in the first place. and so looing at this number where you see 70% of the security vulnerabilities are momory safety related and that from 2006 to 2018 , by the way 2019, was the same . we didn't update the slide but it's the same percentage roughly 70 , the number is just not going down , how can we do this . well, on possible way to do that is adopting the language that where you literally can't write memory safety bugs that could be using c# , and so one aspect of that is let's use more C# , let's use more GC languages , they get rid of these a lot of these issues as well , but we 're writing windows and office , xbox games center microcontrollers , we're writing firmware a lot of these things . C# is just not going to probably be the language that you want to use , because of it's gc and so we need an alternative , so we went out in the world and found Rust as the best alternative that we can adopt , i mean microsoft is slow and big company as most big companies , so we're not going to rewrite everything and rest tomorrow. but little by little more teams are adopting it .
前面讲了MSRC 博客上曾经讲过的东西, 70%的安全漏洞来自于内存安全问题等等。下面才是重点:
i can't say , i really wish i could say, which teams are adopting it right now . but we 're still not quite ready to make that public , there are a few like azure iot , they write iot devices as well as web servsers that help you manage those devices . they are active open source users of rust , so that's no secret there.
鉴于保密原因,ryan还不能公开太详细的内容,只是说有一个类似于 Azure IOT 的产品在用Rust,用于管理iot 设备。
there are other teams inside of microsoft that are using starting to use rust , and really seeing great results with it , and if we could just get my colleagues to write blog posts quicker then you know at some point . we're going to be writing a lot more about that . we start discussing which teams are using it , but i can say not only are we seeing great memory safety advances , we're also seeing perfomance gains which was has been really surprising , now if you were to rewrite some of that code in c++, you know modern c++ , maybe you would see the same improvements but the good thing is that it's not all about memory safety at the expense of something else it's basically just positives that are happening with our adoption of rust , and so it's making the pain of adoption which comes from adopting new tools learning new things , taking on new build system , so forth it's making that worth it . and hopefully we can share more about that in the near future .
还有其他一些团队在使用 Rust ,这些都会在后面陆续通过博客公开出来。ryan只是谈到 Rust 在微软内部的应用虽然刚开始有点痛楚,但都是值得的,因为都收到了非常积极的回报。
期待后续的博客文章吧。
Ryan 视频地址:https://www.youtube.com/watch?v=OhCjnyBc448&feature=youtu.be