Rust Unsafe Code Interviews

Sprache : Es gibt diese Seite auch auf Deutsch.

Looking for Interview Partners

Do you contribute to Rust projects where you ever had to write unsafe code or know someone who does? We would love to interview you about your experiences working with Rust and unsafe code.

We are a group of security & privacy researchers from the German CISPA Helmholtz-Center for Information Security and the Leibniz University Hannover with collaborations to various other institutions. We are looking for interview partners from various Rust projects to gain deeper insights from many involved contributors and a wide field of projects. We would like to reward each participant with an $80 Amazon gift card.

The interview would:

  • Include a short pre-questionnaire about your demographics.
  • Be fully anonymous for you and the projects, at most, short anonymized quotes from the interview might be published.
  • Take about ~60 min of your valuable time.
  • Be on any audio platform of your choice (Skype, our self-hosted Jitsi, …), camera optional.

Participate: Feel free to write us an informal email, so we can arrange an online appointment: hoeltervennhoff@sec.uni-hannover.de

Context #

We want to investigate your practical experience with Rust to understand how Rust is applied in everyday life. In particular, we want to focus on the usage and the culture around unsafe Rust code and how this usage does interact with the security of the language.

Thus, we are looking for developers with hands-on experience who are willing to talk to us about, among others, how Rust or unsafe code is written, how the code is verified or checked, and which mechanisms or tools are involved.

Overall, we aim to understand what is going very well with the Rust language and its security promises right now and where Rust needs to improve in the future.

Who we are #

Our group studies the intersection of computer security and privacy with human factors. We are particularly interested in investigating end users, administrators, developers, and designers of computer systems and their interdependencies with computer security and privacy mechanisms.

You can find some of our recent publications here.

Researchers

Sandra Höltervennhoff | Researcher (CASA) and PhD Student (Leibniz University Hannover).
Contact: hoeltervennhoff@sec.uni-hannover.de

Philip Klostermeyer | Researcher and PhD Student (Leibniz University Hannover).
Contact: klostermeyer@sec.uni-hannover.de

Yasemin Acar | Principal Investigator, Assistant Professor (George Washington University).
Sascha Fahl | Principal Investigator, Tenured Faculty (CISPA) and Full Professor (Leibniz University Hannover).

Institutions

LUH logo

Leibniz University Hannover

CASA logo

Ruhr-Universität Bochum

CISPA logo

CISPA Helmholtz-Center for Information Security

GWU logo

George Washington University

Collected data #

For the analysis of the interviews we would like to use transcripts. For this we would need to collect the following data:

  • A recording of your interview that will be destroyed after transcription (a few days after the interview is processed).
  • A fully de-identified (your & project information) transcript of the interview, which will be destroyed after our research is complete (likely a few months after the interview).

The interview and data processing process has been approved by our German equivalent of an IRB:

  • The data collected will be fully de-identified whenever necessary.
  • Throughout the research, access to the data is limited to a small number of trained researchers only.
  • All data collected will be handled in accordance with strict GDPR/DSGVO regulations.
  • All data will be destroyed upon completion of our research.

Our full consent disclosure is as follows:

  • Participation: Your participation is of course entirely voluntary. You may skip any questions you don’t want to answer, abort the interview at any time for any reason, or cancel the interview appointment.
  • Data Collection: We would like to record the call’s audio for later transcription by a GDPR/DSGVO compliant transcription service. After we de-identify transcripts and check them for accuracy, all recordings will be discarded.
  • Risks: The risks to your participation in this online interview study are those associated with basic computer tasks, including boredom, fatigue, mild stress, or breach of confidentiality.
  • Benefits: Benefits of participating in the interview are the learning experience from participating in a research study, and the contribution to the state of scientific knowledge.