Microsoft is Creating a New Rust-Based Programming Language For Secure Coding
Under Project Verona, Microsoft is working to make Windows 10 more secure by integrating Mozilla-developed Rust for low-level Windows components. "'Memory safety' is the term for coding frameworks that help protect memory space from being abused by malware," reports ZDNet. "Project Verona at Microsoft is meant to progress the company's work here to close off this attack vector." From the report: Microsoft's Project Verona could turn out to be just an experiment that leads nowhere, but the company has progressed far enough to have detailed some of its ideas through the UK-based non-profit Knowledge Transfer Network. Matthew Parkinson, a Microsoft researcher from the Cambridge Computer Lab in the UK who's dedicated to "investigating memory management for managed programming languages," gave a talk last week focusing on what the company is doing to address these memory issues. In the talk, Parkinson discussed the work Microsoft has done with MemGC, which is short for Memory Garbage Collector, for Internet Explorer (IE) and Edge. MemGC addressed vulnerabilities in the standard browser feature known as a Document Object Model (DOM), a representation of the data used by browsers to interpret web pages. Google's elite Project Zero hackers were impressed with Microsoft's MemGC after canvassing major browsers. [...] The other class of bugs Microsoft is working on to address relates to uninitialized memory in a way that also doesn't kill performance. [...] Parkinson said Microsoft is rewriting some "targeted" components in Rust. His talk focused on language design and compartmentalization. "If we want compartments, and to carve up the legacy bits of our code so [attackers'] exploit code can't get out, what do we need in the language design that can help with that?" This is Project Verona and Parkinson said it was the first time he'd discussed the project, which will be made open source "soon". It is a new language for what Microsoft is calling "safe infrastructure programming." "The challenge for Microsoft is dealing with the 'application spectrum,' which spans from C# for desktop apps through to C and C# for Exchange, ASP.NET, Azure, and device drivers, to deep Windows components like memory management and boot loaders and the Windows kernel hardware abstraction layer (HAL)," the report says. "The ownership model in Verona is based on groups of objects, not like in Rust where it's based on a single object," said Parkinson. "In C++ you get pointers and it's based on objects and it's pretty much per object. But that isn't how I think about data and grammar. I think about a data structure as a collection of objects. And that collection of objects as a lifetime. So by taking ownership at the level of ownership of objects, then we get much closer to the level of abstraction that people are using and it gives us the ability to build data structures without going outside of safety."
Read more of this story at Slashdot.