Signal is upgrading its messaging protocol with a Rust-based, quantum-resistant cryptography system. The update is designed to protect user communications from future "harvest-now-decrypt-later" attacks.
This isn't just a theoretical exercise; it's a large-scale deployment that provides a blueprint for the industry. Does this move signal a new standard for secure software, where formal verification and memory safety are no longer optional?
In today’s Rust recap:
> Signal rolls out post-quantum crypto
> Rust deepens its integration in Linux 6.18
> System76 launches its COSMIC desktop beta
> Volvo validates Rust for automotive systems
Signal Fortifies Its Protocol With a Post-Quantum Ratchet
The Recap: Signal is rolling out the Sparse Post-Quantum Ratchet (SPQR), a significant upgrade to its protocol designed to protect user communications from future quantum computing threats. This new ratchet combines with existing mechanisms to form a "Triple Ratchet," building on the foundation of its previous post-quantum work.
Unpacked:
The primary goal is to protect against harvest-now-decrypt-later attacks, where encrypted data is collected today with the intent of breaking it years from now with a powerful quantum computer.
Instead of replacing its proven cryptography, Signal is layering the new post-quantum algorithms on top, creating a hybrid "Triple Ratchet" that must be broken in both its classical and quantum-secure components to compromise a session.
The implementation has been formally verified using tools like hax, ensuring its cryptographic logic is mathematically sound and free of critical implementation flaws.
Bottom line: Signal's proactive upgrade provides a real-world roadmap for deploying quantum-resistant cryptography at scale. This move further cements Rust's role in building the next generation of secure, provably correct systems.
Rust Deepens Kernel Roots
The Recap: The upcoming Linux 6.18 kernel is set to merge a significant wave of Rust code, highlighted by new atomics that unify the memory model between Rust and C. This marks a major step forward for writing safer, more interoperable low-level kernel code.
Unpacked:
The most impactful change introduces generic LKMM atomic variables, allowing Rust and C code to safely share and operate on the same memory model.
Enhancements to the driver infrastructure are also a major focus, with new Rust abstractions for DebugFS, threaded IRQs, and PCI device support.
Foundational core Rust support continues to mature with automatic
zeroablederivations for generated structs and a newptrmodule for better pointer handling.
Bottom line: These updates demonstrate Rust's transition from an experimental addition to an integral part of the kernel's future. Developers gain more powerful tools to build safer, more concurrent drivers and subsystems from the ground up.
The COSMIC Desktop Arrives
The Recap: System76 has released the public beta for Pop!_OS 24.04, offering the first hands-on look at its new, from-scratch desktop environment, COSMIC, built entirely in Rust.
Unpacked:
The new desktop environment is largely feature-complete for its first release, replacing many core GNOME applications with native COSMIC counterparts like COSMIC Files and Terminal.
Built as a modern Wayland compositor, COSMIC is designed by the System76 team to provide a polished and cohesive user experience on Pop!_OS.
Development focus has now shifted to bug fixes and polish, with progress for the release candidate being tracked on the public project board.
Bottom line: The arrival of COSMIC marks a major milestone for Rust in the desktop Linux world, showcasing its capability for building complex, user-facing applications. This beta serves as a compelling proof-of-concept for creating performant and reliable desktop experiences from the ground up.
Rust Hits the Road with Volvo
The Recap: Volvo Cars has successfully shipped a production component written in Rust, validating the language for safety-critical automotive systems in a recent interview with a System Architect from the company.
Unpacked:
The pilot was driven by a need to eliminate the "long tail of bugs" associated with memory safety issues in C and C++.
The Rust-based team proved twice as effective as comparable teams, with external testers finding almost no bugs in the final product.
The component is now shipping in production vehicles on the SPA2 and SPA3 platforms, as targetable hardware with Rust support has jumped to over 90%.
Bottom line: This successful pilot by a major automaker is a significant milestone for Rust in a safety-first industry. It provides a powerful case study for using Rust to build more reliable and secure embedded systems at scale.
The Shortlist
Zed launched its public beta for Windows, bringing the high-performance, Rust-based code editor to a new platform and addressing a top community request.
Bevy released version 0.17, the result of work from over 270 contributors that introduces a host of rendering improvements, API refinements, and new features for the popular game engine.
Chandler Carruth contrasted Rust's interoperability with Carbon's approach in a RustConf talk, explaining how Carbon is designed to incrementally migrate "brownfield" C++ projects where Rust's model can be challenging to adopt.
Lokus showcased the power of Tauri 2.0 for building performant desktop apps, demonstrating significant wins in bundle size, memory usage, and backend performance by leveraging a Rust core.