Blog

Tech blog on web, security & embedded
Let's be frank: Rust is a cool language, but there's not a chance I'm introducing it in my company if I can't get any engineers for it. We'll stick with technologies with a much healthier job market.
June 10, 2024

Tock binary size

Tock is a powerful and secure embedded operating system. While Tock was designed with resource constraints in mind, years of additional features, generalizing to more platforms, and security improvements have brought resource, and in particular, code size bloat.
PTP was originally designed for networks in which all devices were ultimately trusted. In version 1, no security mechanism was present, and version 2 only provided an experimental mechanism. However, with version 2.1 of the PTP standard (IEEE 1588-2019) there is now a normative security mechanism in section 16.14.
June 7, 2024

Mix in Rust with C

So, you've just read my previous post on Rust interoperability in general, and now you're curious about how to actually apply the concepts to your situation. You've come to the right place, because in this post and the two that follow, I'll demonstrate how to make Rust and C talk to each other.
June 6, 2024

Mix in Rust

What does it actually mean to introduce Rust in an existing project, and having it communicate with other languages in the code base? This article launches a series of blog posts that provide guidance for introducing Rust into your code base step by step.
The internet has a hole at the bottom of its trust stack, and we need to do something about it. In particular, the internet needs secure time synchronization to fortify the security of our digital world. In this article, we present a path towards the adoption of securely synchronized time.
Messing around with people's clocks can be a great source of practical jokes. Even nowadays, with many people getting their time digitally, this is not as impossible as you might think. (And the month of April, with the switch to summer time and April Fool's Day, provided the perfect timing for this experiment, of course...)
The number of data centers worldwide is constantly increasing, and so is their electricity consumption. One way to become more power-efficient is certainly the constant development of better hardware, but we as developers should do our share. This post shows how coding in Rust can help to use existing resources more efficiently, to help preserve our planet — at least a little bit.
When sudo-rs development started, we added several dependencies using Rust’s crates ecosystem to quickly ramp up development. During development we accrued approximately 135 transitive (direct and indirect) dependencies. Once this was identified, we managed to reduce our total dependencies down to three. In this blog, we explain why and how we did this.
Our tagline reads “Software must become safer”, and for good reason; We feel very strongly about this. But it does lead to the obvious and fair question: “What exactly do you do to ensure that the software your teams produce is safe and secure?”
At the end of 2022, we announced the creation of Rust 101, a university course that introduces students of computer science to Rust. Initially, the course was created for the Faculty of Informatics and Information Technologies at STU Bratislava (FIIT), but from the start we've wanted to create an open-source, modular and reusable set of teaching resources. Having now achieved that milestone, it is time for a new announcement: Rust 101 has evolved to teach-rs.
In February of 2024, I was invited by Matthias Endler of Corrode to join him on his podcast Rust in Production. We discussed how Tweede golf uses Rust in production, to ensure the safety and security of critical infrastructure software.

While using a full-blown filesystem for storing your data in non-volatile memory is common practice, those filesystems are often too big, not to mention annoying to use, for the things I want to do. My solution?

I've been hard at work creating the sequential-storage crate. In this blog post I'd like to go over what it is, why I created it and what it does.

Asynchronous programming is pretty weird. While it is straightforward enough to understand in principle (write code that looks synchronous, but may be run concurrently yada yada yada), it is not so obvious how and when async functions actually perform work. This blog aims to shed light on how that works in Rust.

At Tweede golf we're big fans of creating applications on embedded devices with Rust and we've written a lot about it.

But if you're a hardware vendor (be it chips or full devices/systems), should you give your users Rust support in addition to your C support?

In this blog I argue that the answer to the question is yes.

In Dutch we have a saying 'meten is weten', which translates to 'to measure is to know'. That sentiment is frequently overlooked in setting up computers and networks.
Ever wanted to have a quickly put together command-line tool to delete large chunks of your project automatically? Me neither, but my colleague Marc made a pretty convincing argument as to why such a tool could be useful. So we went ahead and made it. Here are the results.
At Tweede golf, we are working on modern implementations of time synchronization protocols in Project Pendulum. The ntpd-rs project is part of it, and we've recently implementend the draft specification of NTPv5, for which we built a test server at IETF 118. This blogs covers the what, why and how (including a 'how to run').
I was invited by OCP-TAP to join them in their 87th Project Call to talk about Pendulum, our Rust implementations of NTP and PTP. The recording of this call on 8 Nov 2023 is now available.
At the GOSIM Conference in Shanghai, last September, I had the opportunity to talk about ntpd-rs, our project implementing the Network Time Protocol.
About one year ago, Tweede Golf announced "Statime", a Rust implementation of the Precision Time Protocol (PTP). The result of that first phase was a working proof of concept. Quite a bit has changed since then.
Thanks to funding from NLNet and ISRG, the sudo-rs team was able to request an audit from Radically Open Security (ROS). In this post, we'll share the findings of the audit and our response to those findings.
One of the hot topics in software security is memory safety. This article covers two questions: What is it? And why do we think it is worth investing in?

At Tweede golf we are convinced that if software is written in Rust, it will be more robust (compared to legacy languages such as C, C++ or Java), and more efficient (compared to code written in PHP or Python and again, Java).

In order to get more robust software out there, we have to get Rust code running on computers of people who are not themselves Rust developers.

We're proud to announce that 5 October 2023 marked the first stable release of ntpd-rs!
Just because we're engineers, doesn´t mean we build ALL our applications ourselves. But sometimes inspiration hits and good things happen. So our company planner is now canvas-rendered, has a Rust backend and works like a charm.
September 5, 2023

Are we embedded yet?

Rust is maturing and every year more software is being made with it. In fact, Rust can be used as a competitor to C. In this article I will argue that this is now also the case for embedded Rust!
When we first introduced Rust 101 to you on our website, preparations for its first run where in full swing. The action started in February 2023; 20 students of the Faculty of Informatics and Information Technologies of the Slovak University of Technology in Bratislava followed 9 lectures and 9 tutorials, and worked on their own rust project to round off the course. The course was completed in May.
Sovereign Tech Fund will support our effort to build modern and memory-safe implementations of the Network Time Protocol (NTP) and the Precision Time Protocol (PTP).
The latest release of ntpd-rs compiles on several new targets: the FreeBSD and macOS operating systems now work, and ntpd-rs now supports musl libc on Linux. The PRs adding support for these platforms are all community contributions, which is very exciting.
A while ago, in 2020, I wrote a blog post similar to this one. Sure, it has a bit of a clickbait-y title, but it couldn't be more accurate. At the time I was full of amazement about the way Rust tackles embedded software development. I forsaw great things for Rust's future, even though Rust and its ecosystem were yet not quite mature. We're 3 years further down the road right now, which is like 300 Rust years as Rust is progressing fast. About time for an update!
In April 2023 Wouter (left in picture) and I and went to Paris to attend CYSAT, a conference about cyber security for the space industry. We met up with our client GAMA's Chris de Claverie (right in picture). Wouter and Chris (and also Dion) had been working together for months and teamed up to explain to the audience how and why they were putting Rust in space.
In March/April 2023 ntpd-rs underwent a security audit. The audit was executed by Radically Open Security and funded by NLnet Foundation. The audit did not uncover any major issues, but did help us make ntpd-rs more robust. It has been extremely valuable to have someone from outside of the development team look at the code in detail.
May 31, 2023

Threat Modelling

Since I joined Tweede golf as the security lead, I’ve had the chance to work on improvements regarding security and privacy for all projects, as well as for the organisation in general.
At RustNL 2023, a Rust conference held in Amsterdam recently, I had the opportunity to talk about ntpd-rs, our project implementing the Network Time Protocol.
For some time, we have been quietly laying the groundwork for a new implementation of sudo in Rust. Now we are excited to talk about it!

This article is an adaptation of the original, published by Prossimo.

We're happy to announce that the Internet Security Research Group has officially made us the maintainers of the open-source memory-safe implementation of NTP, ntpd-rs. As such, we are now also looking for early adopters.

The implementation includes a server and client, as well as full support for Network Time Security (NTS), which brings encryption and greater integrity to time synchronization. Timing is precise and stable, as reflected by excellent performance in the NTP pool.

NLR, Royal Netherlands Aerospace Centre, invited embedded lead Dion to explain the benefits of programming in Rust to the company.

While working on the Roc compiler, we regularly dive deep on computer science topics. A recurring theme is speed, both the runtime performance of the code that we generate, as well as the performance of our compiler itself.

One extremely useful technique that we have been playing with is data-oriented design: the idea that the actual data you have should guide how code is structured.

February 24, 2023

Introducing MailCrab!

MailCrab is an email test server for development, written entirely in Rust.
Show more