google

    Google writes safer code with Rust

    From “Google hails move to Rust for huge drop in memory vulnerabilities”:

    In Google’s own shift towards using memory safe programming languages there has been a significant drop in the number of memory-related vulnerabilities, with memory safe vulnerabilities down to 24% in 2024 - a stark contrast from 2019 [76%] and well below the industry norm of 70%.

    Memory safety is not the same as safety. You can still write bad logic in any language. It “just” gets rid of the majority of bugs so that programmers can concentrate on the more interesting parts.

    Also, yes, of course you can write safe C code. No one with a large codebase ever has in practice, but it’s at least hypothetically possible. Wouldn’t rather not have to, though?

    The fine folks who make iA Writer wrote about their challenges supporting Android.

    My first impressions:

    1. I’m glad Google is taking user privacy so seriously.
    2. …but I didn’t know it was so Kafka-esque for developers to comply with their requirements.

    I hear “why would devs ever tolerate Apple’s App Store shenanigans when Android is right there?” Well, because the grass isn’t always greener.

    Ideally, both Apple and Google would make it easier for devs. Nothing about this requires either’s processes to be more complicated than they inherently are. As it stands today, both shift a lot of extra effort and compliance guesswork onto developers.

    Google v. Oracle - victory!

    This morning the US Supreme Court ruled for Google in Oracle’s case against them. This is wonderful news for American software engineering as the opposite ruling would have been disastrous for the entire industry.

    Consider a comprehensive, albeit farfetched, analogy that illustrates how the API is actually used by a programmer. Imagine that you can, via certain keystrokes, instruct a robot to move to a particular file cabinet, to open a certain drawer, and to pick out a specific recipe. With the recipe in hand, the robot then moves to your kitchen and gives it to a cook to prepare the dish. This example mirrors the API’s task-related organizational system. Through your simple command, the robot locates the right recipe and hands it off to the cook. In the same way, typing in a method call prompts the API to locate the correct implementing code and hand it off to your computer. And importantly, to select the dish that you want for your meal, you do not need to know the recipe’s contents, just as a programmer using an API does not need to learn the implementing code. In both situations, learning the simple command is enough.

    I think that’s a great analogy, if I do say so myself.

    Google v. Oracle, by analogy

    Suppose Joe opens a restaurant. He hires a waiter who is really great at following directions, but speaks no English. Over time, Joe comes up with a way of working with this waiter that’s very precise and detailed. You can ask the waiter for things like “order burger plus cheese plus ketchup no tomato no onion” or “bring check” or “bring water”. However, you have to say things exactly the right way each time. You can’t just say “order cheeseburger” instead of “order burger plus cheese”, or “bring me some water” instead of “bring water”. If you do, the waiter will only say “I don’t understand” and wait for you to say it the right way.

    All of this is explained on the menu, and the waiter is otherwise good enough at his job that people are willing to learn the Joe’s Cafe way of ordering their food and asking for the check afterward.

    A while later, Gina decides to open a different restaurant across town from Joe’s place. Her food is nothing like Joe’s, she uses different suppliers, her kitchen has a brand new setup she invented herself, and she uses little robot dogs instead of waiters. However, she does a little market research and finds out that a lot of people in her city are use to ordering food the Joe way. To make it easier for her customers, she programs her robot dogs to respond to requests the same way that Joe’s waiter would. Then they’ll be able to order food and enjoy her restaurant without having to learn a whole new system!

    Now, at Joe’s, if you say “order burger plus cheese”, the waiter writes this down, carries the order to the kitchen, and hands it to the cook. The cook follows the instructions, hands the food to the waiter, and the waiter takes it back to the table. Gina’s restaurant doesn’t have burgers, but if you tell her robot dog to “order steak plus potato”, it transmits the order via radio to the kitchen where a 3D printer makes it and then sends it to your table via a flying drone.

    In other words, you place your order at Gina’s restaurant the same way you would at Joe’s, but almost everything else about the process is completely different because Gina came up with her system from scratch. As it turns out, a few orders do happen to work the same because there are only so many ways to react to “bring water”. That’s natural, though. Gina didn’t copy Joe’s “leave the table, fill a pitcher with water, bring it back to the table, and fill the empty glasses” process; that’s just the way you do it.

    This is same as the relationship between Oracle and Google. Oracle bought a company who made a programming language called Java that became popular. When Google was making their Android phones, they wanted to make it easy for developers to write apps and games for it. Since so many people were already familiar with Java, they decided to let developers use it. However, they made their own Java from scratch that looks like Oracle’s Java from a programmer’s point of view but is completely different behind the scenes. As with Joe and Gina, the way you place your order is the same, but that’s where the similarity ends.

    Oracle is suing Google because they say it’s unfair that Google allowed their developers to write programs in something that looks like Java, except without it actually being Java, and that Google should pay them for the privilege.

    If it’s not reasonable that Gina should have to pay Joe just because her robot dog knows how to respond to “order steak plus potato”, then it’s not reasonable that Google should have to pay Oracle since they didn’t use any of Oracle’s underlying work.

    Google is asking the US Supreme Court to declare that they didn’t copy Oracle’s programming code when they created their own work-alike system. For the sake of the US software industry, I hope Google wins.

    As a personal note, I don’t like eating at either Joe’s or Gina’s restaurant. The food’s awful in both places. I still don’t think that Gina (or Google) owe Joe (or Oracle) anything.