Do you contribute to Rust projects where you ever had to write unsafe code or know someone who does?
We would love to interview you about your experiences working with Rust unsafe code.
We are a group of security & privacy researchers from the German CISPA Helmholtz-Center for Information Security and the Leibniz University Hannover with collaborations to various other institutions.
We are looking for interview partners from various Rust projects to gain deeper insights from many involved contributors and a wide field of projects.
We would like to thank you for supporting our scientific work by rewarding you with $80. We can either issue Amazon.de/uk/com vouchers or pay EU participants by bank transfer. (The university requires a filled out form for the bank transfer. The form can be sent to you prior to the interview.)
The interview would:
Include a short pre-questionnaire about your demographics.
Be fully anonymous for you and the projects, at most, short anonymized quotes from the interview might be published.
Take about ~60 min of your valuable time.
Be on any audio platform of your choice (Skype, our self-hosted Jitsi, …), camera optional.
We would like to record the interview and transcribe it for further analysis in our study, any personal information will be de-identified and only appear in the form of aggregated data in our research publication later on.
Participate:
If you’re interested in our study, feel free to write us an email, so we can arrange an appointment: hoeltervennhoff@sec.uni-hannover.de
We want to investigate your practical experience with Rust to understand how Rust is applied in everyday life. In particular, we want to focus on the usage and the culture around unsafe Rust code and how this usage does interact with the security of the language.
Thus, we are looking for developers with hands-on experience who are willing to talk to us about, among others, how Rust or unsafe code is written, how the code is verified or checked, and which mechanisms or tools are involved.
Overall, we want to understand what is currently working very well in Rust and Rust unsafe code from a security perspective and where Rust could improve in the future.
Our group studies the intersection of computer security and privacy with human factors. We are particularly interested in investigating end users, administrators, developers, and designers of computer systems and their interdependencies with computer security and privacy mechanisms.
You can find some of our recent publications here.
For the analysis of the interviews we would like to use transcripts. For this we would need to collect the following data:
A recording of your interview that will be destroyed after transcription (a few days after the interview is processed).
A fully de-identified (your & project information) transcript of the interview, which will be destroyed after our research is complete (likely a few months after the interview).
The interview and data processing process has been approved by our German equivalent of an IRB:
The data collected will be fully de-identified whenever necessary.
Throughout the research, access to the data is limited to a small number of trained researchers only.
All data collected will be handled in accordance with strict GDPR/DSGVO regulations.
All data will be destroyed upon completion of our research.
Participation: Your participation is of course entirely voluntary. You may skip any questions you don’t want to answer, abort the interview at any time for any reason, or cancel the interview appointment.
Data Collection: We would like to record the call’s audio for later transcription by a GDPR/DSGVO compliant transcription service.
After we de-identify transcripts and check them for accuracy, all recordings will be discarded.
Risks: The risks to your participation in this online interview study are those associated with basic computer tasks, including boredom, fatigue or mild stress.
Benefits: The benefit of participation is the experience gained from participating in a research study and the contribution made to the state of scientific knowledge.
