The FTC is issuing more than $5.6 million in refunds to Ring customers as part of a privacy settlement. The Associated Press reports: In a 2023 complaint, the FTC accused the doorbell camera and home security provider of allowing its employees and contractors to access customers' private videos. Ring allegedly used such footage to train algorithms without consent, among other purposes. Ring was also charged with failing to implement key security protections, which enabled hackers to take control of customers' accounts, cameras and videos. This led to "egregious violations of users' privacy," the FTC noted.

The resulting settlement required Ring to delete content that was found to be unlawfully obtained, establish stronger security protections and pay a hefty fine. The FTC says that it's now using much of that money to refund eligible Ring customers. According to a Tuesday notice, the FTC is sending 117,044 PayPal payments to impacted consumers who had certain types of Ring devices -- including indoor cameras -- during the timeframes that the regulators allege unauthorized access took place. Eligible customers will need to redeem these payments within 30 days, according to the FTC -- which added that consumers can contact this case's refund administrator, Rust Consulting, or visit the FTC's FAQ page on refunds for more information about the process.

The foundations behind Rust, Python, Apache, Eclipse, PHP, OpenSSL, and Blender announced plans to create "common specifications for secure software development," based on "existing open source best practices."

From the Eclipse Foundation: This collaborative effort will be hosted at the Brussels-based Eclipse Foundation [an international non-profit association] under the auspices of the Eclipse Foundation Specification Process and a new working group... Other code-hosting open source foundations, SMEs, industry players, and researchers are invited to join in as well.

The starting point for this highly technical standardisation effort will be today's existing security policies and procedures of the respective open source foundations, and similar documents describing best practices.

The governance of the working group will follow the Eclipse Foundation's usual member-led model but will be augmented by explicit representation from the open source community to ensure diversity and balance in decision-making. The deliverables will consist of one or more process specifications made available under a liberal specification copyright licence and a royalty-free patent licence... While open source communities and foundations generally adhere to and have historically established industry best practices around security, their approaches often lack alignment and comprehensive documentation.

The open source community and the broader software industry now share a common challenge: legislation has introduced an urgent need for cybersecurity process standards.
The Apache Foundation notes the working group is forming partly "to demonstrate our commitment to cooperation with and implementation of" the EU's Cyber Resilience Act. But the Eclipse Foundation adds that even before it goes into effect in 2027, they're recognizing open source software's "increasingly vital role in modern society" and an increasing need for reliability, safety, and security, so new regulations like the CRA "underscore the urgency for secure by design and robust supply chain security standards."

Their announcement adds that "It is also important to note that it is similarly necessary that these standards be developed in a manner that also includes the requirements of proprietary software development, large enterprises, vertical industries, and small and medium enterprises." But at the same time, "Today's global software infrastructure is over 80% open source... [W]hen we discuss the 'software supply chain,' we are primarily, but not exclusively, referring to open source."

"We invite you to join our collaborative effort to create specifications for secure open source development," their announcement concludes," promising initiative updates on a new mailing list. "Contribute your ideas and participate in the magic that unfolds when open source foundations, SMEs, industry leaders, and researchers combine forces to tackle big challenges."

The Python Foundation's announcement calls it a "community-driven initiative" that will have "a lasting impact on the future of cybersecurity and our shared open source communities."

An anonymous reader shares a report: Echoing the past two years of Rust evangelism and C/C++ ennui, Google reports that Rust shines in production, to the point that its developers are twice as productive using the language compared to C++. Speaking at the Rust Nation UK Conference in London this week, Lars Bergstrom, director of engineering at Google, who works on Android Platform Tools & Libraries, described the web titan's experience migrating projects written in Go or C++ to the Rust programming language.

Bergstrom said that while Dropbox in 2016 and Figma in 2018 offered early accounts of rewriting code in memory-safe Rust - and doubts about productivity and the language have subsided - concerns have lingered about its reliability and security. "Even six months ago, this was a really tough conversation," he said. "I would go and I would talk to people and they would say, 'Wait, wait you have an `unsafe` keyword. That means we should all write C++ until the heat death of the Universe.'"

But there's been a shift in awareness across the software development ecosystem, Bergstrom argued, about the challenges of using non-memory safe languages. Such messaging is now coming from government authorities in the US and other nations who understand the role software plays in critical infrastructure. The reason is that the majority of security vulnerabilities in large codebases can be traced to memory security bugs. And since Rust code can largely if not totally avoid such problems when properly implemented, memory safety now looks a lot like a national security issue.

"What a time we live in," writes Phoronix, "where Microsoft not only continues contributing significantly to the Linux kernel but doing so to further flesh out the design of the Linux kernel's Rust programming language support..." Microsoft engineer Wedson Almeida Filho has sent out the latest patches working on Allocation APIs for the Rust Linux kernel code and also in leveraging those proposed APIs [as] a means of allowing in-place module initialization for Rust kernel modules. Wedson Almeida Filho has been a longtime Rust for Linux contributor going back to his Google engineering days and at Microsoft the past two years has shown no signs of slowing down on the Rust for Linux activities...

The Rust for Linux kernel effort remains a very vibrant effort with a wide variety of organizations contributing, even Microsoft engineers.

Lyle Smith reports via StorageReview.com: Proxmox has introduced a new import wizard for Proxmox Virtual Environment (VE), aiming to simplify the migration process for importing VMware ESXi VMs. This new feature comes at an important time in the industry, as it aims to ease the transition for these organizations looking to move away from VMware's vSphere due to high renewal costs.

The new import wizard is integrated into Proxmox VE's existing storage plugin system, allowing for direct integration into the platform's API and web-based user interface. It offers users the ability to import VMware ESXi VMs in their entirety, translating most of the original VM's configuration settings to Proxmox VE's configuration model (all while minimizing downtime). Currently, the import wizard is in a technical preview state, having been added during the Proxmox VE 8.2 development cycle. Although it is still under active development, early reports suggest the wizard is stable and holds considerable promise for future enhancements, including the planned addition of support for other import sources like OVF/OVA files. [...]

This tool represents Proxmox's commitment to providing accessible, open-source virtualization solutions. By leveraging the official ESXi API and implementing a user space filesystem with optimized read-ahead caching in Rust (a safe, fast, and modern programming language ideal for system-level tasks), Proxmox aims to ensure that this new feature can be integrated smoothly into its broader ecosystem.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) will start providing more hands-on support to open-source software developers as they work to better secure their projects, the agency said. From a report: CISA hosted a two-day, invite-only summit this week with leaders in the open-source software community and other federal officials. During the private event, the agency also ran what's likely the first tabletop exercise to assess how well the government and the open-source community would respond to a cyberattack targeting one of their projects.

During the summit, CISA and a handful of package repositories unveiled new initiatives to help secure open-source projects. CISA is working on a new communication channel where open-source software developers can share threat intelligence and ask the agency for assistance during an incident. The Rust Foundation is developing new public key infrastructure for its repository, which will help ensure that the code developers are uploading isn't malicious and is coming from legitimate users.

npm, which manages the JavaScript programming language, is requiring project maintainers to enroll in multi-factor authentication and is rolling out a tool to generate "software bills of materials," which provide a recipe list of what code and other elements are in a project. Additional repositories -- including the Python Software Foundation, Packagist, Composer and Maven Central -- are pursuing similar projects and also also rolling out tools to help detect and report malware and other security vulnerabilities.

Clare Watson reports via ScienceAlert: By replacing the hazardous chemical electrolytes used in commercial batteries with water, scientists have developed a recyclable 'water battery' -- and solved key issues with the emerging technology, which could be a safer and greener alternative. 'Water batteries' are formally known as aqueous metal-ion batteries. These devices use metals such as magnesium or zinc, which are cheaper to assemble and less toxic than the materials currently used in other kinds of batteries.

Batteries store energy by creating a flow of electrons that move from the positive end of the battery (the cathode) to the negative end (the anode). They expend energy when electrons flow the opposite way. The fluid in the battery is there to shuttle electrons back and forth between both ends. In a water battery, the electrolytic fluid is water with a few added salts, instead of something like sulfuric acid or lithium salt. Crucially, the team behind this latest advancement came up with a way to prevent these water batteries from short-circuiting. This happens when tiny spiky metallic growths called dendrites form on the metal anode inside a battery, busting through battery compartments. [...]

To inhibit this, the researchers coated the zinc anode of the battery with bismuth metal, which oxidizes to form rust. This creates a protective layer that stops dendrites from forming. The feature also helps the prototype water batteries last longer, retaining more than 85 percent of their capacity after 500 cycles, the researchers' experiments showed. According to Royce Kurmelovs at The Guardian, the team has so far developed water-based prototypes of coin-sized batteries used in clocks, as well as cylindrical batteries similar to AA or AAA batteries. The team is working to improve the energy density of their water batteries, to make them comparable to the compact lithium-ion batteries found inside pocket-sized devices. Magnesium is their preferred material, lighter than zinc with a greater potential energy density. [I]f magnesium-ion batteries can be commercialized, the technology could replace bulky lead-acid batteries within a few years. The study has been published in the journal Advanced Materials.

Rust's official survey team released results from their 8th annual survey "focused on gathering insights and feedback from Rust users". In terms of operating systems used by Rustaceans, the situation is very similar to the results from 2022, with Linux being the most popular choice of Rust users [69.7%], followed by macOS [33.5%] and Windows [31.9%], which have a very similar share of usage. Rust programmers target a diverse set of platforms with their Rust programs, even though the most popular target by far is still a Linux machine [85.4%]. We can see a slight uptick in users targeting WebAssembly [27.1%], embedded and mobile platforms, which speaks to the versatility of Rust.

We cannot of course forget the favourite topic of many programmers: which IDE (developer environment) do they use. Visual Studio Code still seems to be the most popular option [61.7%], with RustRover (which was released last year) also gaining some traction [16.4%].
The site ITPro spoke to James Governor, co-founder of the developer-focused analyst firm RedMonk, who said Rust's usage is "steadily increasing", pointing to its adoption among hyperscalers and cloud companies and in new infrastructure projects. "Rust is not crossing over yet as a general-purpose programming language, as Python did when it overtook Java, but it's seeing steady growth in adoption, which we expect to continue. It seems like a sustainable success story at this point."

But InfoWorld writes that "while the use of Rust language by professional programmers continues to grow, Rust users expressed concerns about the language becoming too complex and the low level of Rust usage in the tech industry." Among the 9,374 respondents who shared their main worries for the future of Rust, 43% were most concerned about Rust becoming too complex, a five percentage point increase from 2022; 42% were most concerned about low usage of Rust in the tech industry; and 32% were most concerned about Rust developers and maintainers not being properly supported, a six percentage point increase from 2022. Further, the percentage of respondents who were not at all concerned about the future of Rust fell, from 30% in 2022 to 18% in 2023.

Michael Larabel reports via Phoronix: Back in 2022 Cloudflare announced they were ditching Nginx for an in-house, Rust-written software called Pingora. Today Cloudflare is open-sourcing the Pingora framework. Cloudflare announced today that they have open-sourced Pingora under an Apache 2.0 license. Pingora is a Rust async multi-threaded framework for building programmable network services. Pingora has long been used internally within Cloudflare and is capable of sustaining a lot of traffic while now Pingora is being open-sourced for helping to build infrastructure outside of Cloudflare. The Pingora Rust code is available on GitHub.

Tontoman shares a report: The White House Office of the National Cyber Director (ONCD) urged tech companies to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities. Such vulnerabilities are coding errors or weaknesses within software that can lead to memory management issues when memory can be accessed, written, allocated, or deallocated. They occur when software accesses memory in unintended or unsafe ways, resulting in various security risks and issues like buffer overflow, use after free, use of uninitialized memory, and double free that attackers can exploit.

Successful exploitation carries severe risks, potentially enabling threat actors to gain unauthorized access to data or execute malicious code with the privileges of the system owner. "For over 35 years, this same class of vulnerability has vexed the digital ecosystem. The challenge of eliminating entire classes of software vulnerabilities is an urgent and complex problem. Looking forward, new approaches must be taken to mitigate this risk," ONCD's report says. "The highest leverage method to reduce memory safety vulnerabilities is to secure one of the building blocks of cyberspace: the programming language. Using memory safe programming languages can eliminate most memory safety errors."

An anonymous reader shared this post from Phoronix: With Linux 6.8 the kernel's Rust code was brought up to Rust 1.75 while new patches posted this weekend port the code over to Rust 1.76 and then the upcoming Rust 1.77...

With Rust 1.77 they have now stabilized the single-field "offset_of" feature used by the kernel's Rust code. Rust 1.77 also adds a "--check-cfg" option that the Rust kernel code will likely transition to in the future. This follows the Rust for Linux policy of tracking the upstream Rust version upgrades until there is a minimum version that can be declared where all used features are considered stable.

This week the non-profit Rust Foundation announced the release of a report on what their Security Initiative accomplished in the last six months of 2023. "There is already so much to show for this initiative," says the foundation's executive director, "from several new open source security projects to several completed and publicly available security threat models."

From the executive summary: When the user base of any programming language grows, it becomes more attractive to malicious actors. As any programming language ecosystem expands with more libraries, packages, and frameworks, the surface area for attacks increases. Rust is no different. As the steward of the Rust programming language, the Rust Foundation has a responsibility to provide a range of resources to the growing Rust community. This responsibility means we must work with the Rust Project to help empower contributors to participate in a secure and scalable manner, eliminate security burdens for Rust maintainers, and educate the public about security within the Rust ecosystem...

Recent Achievements of the Security Initiative Include:

- Completing and releasing Rust Infrastructure and Crates Ecosystem threat models

- Further developing Rust Foundation open source security project Painter [for building a graph database of dependencies/invocations between crates] and releasing new security project, Typomania [a toolbox to check for typosquatting in package registries].

- Utilizing new tools and best practices to identify and address malicious crates.

- Helping reduce technical debt within the Rust Project, producing/contributing to security-focused documentation, and elevating security priorities for discussion within the Rust Project.

... and more!

Over the Coming Months, Security Initiative Engineers Will Primarily Focus On:

- Completing all four Rust security threat models and taking action to address encompassed threats

- Standing up additional infrastructure to support redundancy, backups, and mirroring of critical Rust assets

- Collaborating with the Rust Project on the design and potential implementation of signing and PKI solutions for crates.io to achieve security parity with other popular ecosystems

- Continuing to create and further develop tools to support Rust ecosystem, including the crates.io admin functionality, Painter, Typomania, and Sandpit

An anonymous reader shares a report: When California state legislators passed a 2014 law banning single-use plastic bags, the hope was that it would notably reduce the amount of discarded plastic. But fast-forward nearly a decade: Californians are tossing more pounds of plastic bags than before the legislation was passed. That's according to a recent report by the consumer advocacy group CALPIRG, which took population changes into account and found the tonnage of discarded bags rose from 4.08 per 1,000 people in 2014 to 5.89 per 1,000 people in 2022. How could this happen?

As Susanne Rust reported this week, plastic bag manufacturers replaced one kind of plastic bag for another. You've probably noticed them at grocery stores or had them loaded into your car during a drive-up order. These newer bags are thicker and meet technical specifications to be called "reusable." As Jenn Engstrom, CALPIRG'S state director, explained to Susanne, the switch created a loophole because the newer bags -- which typically cost 10 cents -- "are clearly not being reused and don't look like reusable bags and ... just circumvent the law's intent." The pandemic was also a contributing factor. COVID restrictions led many to get groceries, restaurant dishes and other products delivered to our doors, often in thick plastic bags.

There's an effort to close the loophole, though. New legislation is being proposed that would also ban the thicker plastic bags from grocery and large retail stores. Clearly, not enough consumers have changed their plastic bag habits at the checkout stand. But the onus isn't on individuals. Plastic manufacturers create these products. Businesses buy the bags so customers have somewhere to put the goods they buy from businesses. [...] Under the new law, at least 30% of plastic items sold, distributed or imported into California must be recyclable by Jan. 1, 2028. It also stipulates that single-use plastic waste be reduced 25% by 2032. But as Susanne pointed out, plastics companies will have notable oversight and authority over the program "via a Producer Responsibility Organization, which will be made up of industry representatives."

Michael Larabel writes via Phoronix: While there have been efforts by AMD over the years to make it easier to port codebases targeting NVIDIA's CUDA API to run atop HIP/ROCm, it still requires work on the part of developers. The tooling has improved such as with HIPIFY to help in auto-generating but it isn't any simple, instant, and guaranteed solution -- especially if striving for optimal performance. Over the past two years AMD has quietly been funding an effort though to bring binary compatibility so that many NVIDIA CUDA applications could run atop the AMD ROCm stack at the library level -- a drop-in replacement without the need to adapt source code. In practice for many real-world workloads, it's a solution for end-users to run CUDA-enabled software without any developer intervention. Here is more information on this "skunkworks" project that is now available as open-source along with some of my own testing and performance benchmarks of this CUDA implementation built for Radeon GPUs. [...]

For those wondering about the open-source code, it's dual-licensed under either Apache 2.0 or MIT. Rust fans will be excited to know the Rust programming language is leveraged for this Radeon implementation. [...] Those wanting to check out the new ZLUDA open-source code for Radeon GPUs can do so via GitHub.

Remember "Servo," Mozilla's "next-generation browser engine," focused on performance and robustness?

"The developers of Servo are starting 2024 by going all in..." reports It's FOSS News, citing a social media post from FOSDEM. "[T]he Servo Project team were there showing off the work done so far." If you were not familiar, Servo is an experimental browser engine that leverages the power of Rust to provide a memory-safe and modular experience that is highly adaptable. After Mozilla created Servo back in 2012 as a research project, it saw its share of ups and downs over the years, with it making a comeback in 2023; thanks to a fresh approach by the developers on how Servo should move forward.

Even though there are plenty of open source Chrome alternatives, with this, there's a chance that we will get some really cool options based on Servo that just might give Blink and Gecko a run for the money! Just a few months back, in September 2023, after The Servo Project officially joined Linux Foundation Europe, the existing contributors from Igalia stepped up their game by taking over the project maintenance. To complement that, at Open Source Summit Europe last year, Manuel Rego from Igalia shared some really useful insights when he presented.

He showcased stuff like the WebGL support, cross-platform support including mobile support for Android and Linux, among other things. They have experimented with Servo for embedded applications use-cases (like running it on Raspberry Pi), and have plans to make advances on it. As far as I can see, it looks like, Servo is faster for Raspberry Pi compared to Chromium. You can explore more such demos on Servo's demo webpage.
2024's roadmap includes "Initial Android support, that will see Servo being made to build on modern Android versions," according to the article, "with the developers publishing nightly APKs on the official website some time in the future."

One fun fact? "Even though Mozilla dropped the experimental project, Firefox still utilizes some servo components in the browser"

Another FOSDOM update from social media: "Thunderbird is also embracing Rust."

An anonymous Slashdot reader shared this report from SiliconANGLE: The Rust Foundation, which supports the development of the popular open-source Rust programming language... shared that Google LLC had made a $1 million contribution specifically earmarked for a C++/Rust interoperability effort known as the "Interop Initiative." The initiative aims to foster seamless integration between Rust and the widely used C++ programming language, addressing one of the significant barriers to Rust's adoption in legacy systems entrenched in C++ code.

Rust has the ability to prevent common memory errors that plague C++ programs and offers a path toward more secure and reliable software systems. However, transitioning from C++ to Rust presents notable challenges, particularly for organizations with extensive C++ codebases. The Interop Initiative seeks to mitigate these challenges by facilitating smoother transitions and enabling organizations to leverage Rust's advantages without completely overhauling their existing systems.

As part of the initiative, the Rust Foundation will collaborate closely with the Rust Project Leadership Council, stakeholders and member organizations to develop a comprehensive scope of work. The collaborative effort will focus on enhancing build system integration, exploring artificial intelligence-assisted code conversion techniques and expanding upon existing interoperability frameworks. By addressing these strategic areas, the initiative aims to accelerate the adoption of Rust across the software industry and hence contribute to advancing memory safety and reducing the prevalence of software vulnerabilities.
A post on Google's security blog says they're excited to collaborate "to ensure that any additions made are suitable and address the challenges of Rust adoption that projects using C++ face. Improving memory safety across the software industry is one of the key technology challenges of our time, and we invite others across the community and industry to join us in working together to secure the open source ecosystem for everyone."

The blog post also includes this quote from Google's VP of engineering, Android security and privacy. "Based on historical vulnerability density statistics, Rust has proactively prevented hundreds of vulnerabilities from impacting the Android ecosystem. This investment aims to expand the adoption of Rust across various components of the platform."

The Register adds: Lars Bergstrom, director of Android platform tools and libraries and chair of the Rust Foundation Board, announced the grant and said that the funding will "improve the ability of Rust code to interoperate with existing legacy C++ codebases.... Integrating Rust today is possible where there is a fallback C API, but for high-performance and high-fidelity interoperability, improving the ability to work directly with C++ code is the single biggest initiative that will further the ability to adopt Rust...."

According to Bergstrom, Google's most significant increase in the use of Rust has occurred in Android, where interoperability started receiving attention in 2021, although Rust is also being deployed elsewhere.... Bergstrom said that as of mid-2023, Google had more than 1,000 developers who had committed Rust code, adding that the ad giant recently released the training material it uses. "We also have a team working on building out interoperability," he added. "We hope that this team's work on addressing challenges specific to Google's codebases will complement the industry-wide investments from this new grant we've provided to the Rust Foundation."

Google's grant matches a $1 million grant last November from Microsoft, which also committed $10 million in internal investment to make Rust a "first-class language in our engineering systems." The Google-bucks are expected to fund further interoperability efforts, along the lines of KDAB's bidirectional Rust and C++ bindings with Qt.

According to a job listing spotted by AFTVNews, Amazon makes it clear that the company plans to ditch Android for its own "VegaOS" operating system. "The new platform is said to rely on React Native and would require new apps to be built," reports 9to5Google. From the report: As spotted by AFTVNews, a job listing from Amazon was looking for a "Fire TV Experience Software Development Engineer." The job listing's description makes it abundantly clear that a key part of the role is focused on the transition from Android to the rumored "VegaOS," because it quite literally says that's what is happening, with Amazon saying that Fire TV is transitioning from "FOS/Android" (Fire OS/Android) to "native/Rust" and even explicitly mentioning React Native. The listing, which has since been removed, provides extremely strong evidence of Amazon's plans, which is probably why it was so quickly removed.

An anonymous reader shares a report: Microsoft's adoption of Rust continues apace if a posting on the IT titan's careers website is anything to go by. Although headcount at Microsoft might currently be down -- by two percent compared to the previous year -- recruitment persists at the Windows giant. In this case, the company is forming a team of Rustaceans to tackle a platform move away from C#.

The job, a principal software architect for Microsoft 365, has responsibilities that include "guiding technical direction, design and implementation of Rust component libraries, SDKs, and re-implementation of existing global scale C# based services to Rust." According to the post, the job lurks within the Substrate App Platform group, part of the Microsoft 365 Core Platform organization. The Substrate does the heavy lifting behind the scenes for Microsoft's cloud services, making a rewrite into Rust quite a statement of intent. Microsoft said: "We are forming a new team focused on enabling the adoption of the Rust programming language as the foundation to modernizing global scale platform services, and beyond."

Steam's newest hit survival game, Palworld, has been accused of plagiarising designs from Pokemon, as social media users negatively highlight its creator's historical association with generative AI tools. VideoGamesChronicle: Palworld by Japanese studio Pocketpair released into early access on PC and Xbox on Friday, and immediately became a breakout success, with its creator claiming 2 million sales in 24 hours. The huge launch exposure inevitably reignited discourse that has followed Palworld since its announcement, around its character designs' apparent similarities to Pokemon. Although the gameplay of Palworld is closer to survival games like Ark and Rust than Game Freak's series, many social media users have noted the obvious influences its character designs have taken from the Nintendo series.

Following Palworld's release on Friday, some X users collated perceived similarities between Palworld's 'Pals' and Pokemon. "It's not even subtle about its rip offs, how much else has it stolen?" wrote one user. Another added: "I want to like Palworld, but I don't know if I can support running existing Pokemon through a fusor and passing them off as 'new' IP." The situation is further muddled in the eyes of some by Pocketpair's historical relationship with generative AI tools. Artist Zaytri noted on X that one of its previous titles was 'AI: Art Imposter,' a game which literally utilises an AI image generator as its core mechanic. The user also highlighted multiple historical X posts by Pocketpair's CEO Takuro Mizobe, in which he appeared to praise the potential of AI image generators for content creation.

"A Canonical engineer has been experimenting with implementing a Linux scheduler within the Rust programming language..." Phoronix reported Monday, "that works via sched_ext for implementing a scheduler using eBPF that can be loaded during run-time."

The project was started "just for fun" over Christmas, according to a post on X by Canonical-based Linux kernel engineer Andrea Righi, adding "I'm pretty shocked to see that it doesn't just work, but it can even outperform the default Linux scheduler (EEVDF) with certain workloads (i.e., gaming)." Phoronix notes the a YouTube video accompanying the tweet shows "a game with the scx_rustland scheduler outperforming the default Linux kernel scheduler while running a parallel kernel build in the background."

"For sure the build takes longer," Righi acknowledged in a later post. "This scheduler doesn't magically makes everything run faster, it simply prioritizes more the interactive workloads vs CPU-intensive background jobs." Righi followed up by adding "And the whole point of this demo was to prove that, despite the overhead of running a scheduler in user-space, we can still achieve interesting performance, while having the advantages of being in user-space (ease of experimentation/testing, reboot-less updates, etc.)"

Wednesday Righi added some improvements, posting that "Only 19 lines of code (comments included) for ~2x performance improvement on SMT isn't bad... and I spent my lunch break playing Counter Strike 2 to test this patch..."

And work seems to be continuing, judging by a fresh post from Righi on Thursday. "I fixed virtme-ng to run inside Docker and used it to create a github CI workflow for sched-ext that clones the latest kernel, builds it and runs multiple VMs to test all the scx schedulers. And it does that in only ~20min. I'm pretty happy about virtme-ng now."