Trifecta Tech Foundation - Blog & News

Rust should have stable tail calls

2026-04-14T00:00:00+00:00

Tail calls in Rust have been talked about for a long time, but especially from the outside it looks like very little progress has been made. Let's change that!

Fixing our own problems in the Rust compiler

2026-03-30T00:00:00+00:00

In our data compression projects, we use Rust where C is traditionally used. During the work, we've hit limitations in Rust itself and in the surrounding tooling. Over the years, we've become increasingly comfortable with fixing these issues ourselves.

Ubuntu to adopt ntpd-rs as the default time synchronization client and server

2026-03-26T00:00:00+00:00

March 26, 2026 – Ubuntu is set to adopt ntpd-rs by default.

We're thrilled to announce that in upcoming releases, Ubuntu will be adopting ntpd-rs as the default time synchronization client and server.

Video: Securing time with NTS (FOSDEM26)

2026-02-01T00:00:00+00:00

The Network Time Protocol is generally used completely unprotected, much like the web was before HTTPS. Ruben explains how we aim to push adoption of secure time (NTS) using pools of NTS servers.

zlib-rs: a stable API and 30M downloads

2026-01-27T00:00:00+00:00

Since the first release in April 2024, zlib-rs has come a long way. It has seen major adoption over the last year, and, we're proud to say, is now feature complete. We've released zlib-rs 0.6, the first version with a stable and complete API</a>.

Video: sudo-rs and beyond (Ubuntu Summit 25.10)

2026-01-13T00:00:00+00:00

After sudo-rs was included in the 25.10 release of Ubuntu</a>, Marc was invited to the Ubuntu Summit to talk about the design choices that shaped sudo-rs. You can now watch the recording of the talk.

Calling for memory safety incentives in EU cybersecurity policies

2025-12-17T00:00:00+00:00


Today we publish the statement "Improving Europe's cybersecurity posture through memory safety", calling on European and national policymakers to provide clear incentives and support for the large-scale adoption of memory-safe technology.

Emulating avx-512 intrinsics in Miri

2025-12-09T00:00:00+00:00

Recently we've started work on using more avx512</code> features in zlib-rs</a>. The avx512</code> family of target features provides SIMD intrinsics that use 512-bit vectors (double the size of avx2</code>, which uses 256-bit vectors). These wider intrinsics can speed up certain algorithms dramatically.
Support the call for Memory Safety incentives in EU cybersecurity policies 2025-11-12T00:00:00+00:00 With the upcoming Cyber Resilience Act in the EU mandating a secure-by-design development process, we urge organisations and individuals to support our statement "Improving Europe's cybersecurity posture through memory safety". Canonical releases Ubuntu 25.10 with sudo-rs as the default sudo 2025-10-09T00:00:00+00:00 Canonical announced the release of Ubuntu 25.10, codenamed "Questing Quokka". The introduction of Trifecta Tech Foundation's memory-safe sudo delivers many benefits compared to the traditional implementation. For users, a reduced attack surface in the sudo tool will improve Ubuntu’s overall security posture. Frequently Asked Questions about sudo-rs 2025-10-07T00:00:00+00:00 With sudo-rs coming to Ubuntu 25.10</a>, the core team has collected and published the Frequently Asked Questions about sudo-rs. They will be updated if user curiosity calls for it. Improving state machine code generation 2025-09-09T00:00:00+00:00 Over the past couple of months, Björn and I have been working on improving state machine code generation</a> in the rust compiler, a rust project goal for 2025H1. In late June, PR 138780</a> was merged, which adds #![feature(loop_match)]</code>. ntpd-rs now supports version 5 of the Network Time Protocol 2025-07-11T00:00:00+00:00 Our Network Time Protocol implementation, ntpd-rs</a>, now provides experimental support of NTP version 5. It is available in the latest release</a>. bzip2 crate switches from C to 100% rust 2025-06-17T00:00:00+00:00 Today we published bzip2</code> version 0.6.0</code>, which uses our rust implementation of the bzip2 algorithm, libbz2-rs-sys</code>, by default. The bzip2</code> crate is now faster and easier to cross-compile. SIMD in zlib-rs (part 2): compare256 2025-05-26T00:00:00+00:00 In part 1</a> of the "SIMD in zlib-rs" series, we've seen that, with a bit of nudging, autovectorization can produce optimal code for some problems. But that does not always work: with SIMD clever programmers can still beat the compiler. Memory-safe sudo to become the default in Ubuntu 2025-05-06T00:00:00+00:00 May 6, 2025 – Ubuntu 25.10 is set to adopt sudo-rs by default. Sudo-rs is a memory-safe reimplementation of the widely-used sudo</code> utility, written in the Rust programming language. SIMD in zlib-rs (part 1): Autovectorization and target features 2025-04-15T00:00:00+00:00 I'm fascinated by the creative use of SIMD instructions. When you first learn about SIMD, it is clear that doing more multiplications in a single instruction is useful for speeding up matrix multiplication. But how can all of these weird instructions be used to solve problems that aren't just arithmetic? Translating bzip2 with c2rust 2025-03-10T00:00:00+00:00 Over the past couple of months we've been hard at work on libbzip2-rs</a>, a 100% Rust drop-in compatible implementation the bzip2 compression and decompression functionality. zlib-rs is faster than C 2025-02-25T00:00:00+00:00 We've released version 0.4.2</a> of zlib-rs</a>, featuring a number of substantial performance improvements. We are now (to our knowledge) the fastest api-compatible zlib implementation for decompression, and beat the competition in the most important compression cases too. Trifecta Tech Foundation joins Nonprofit Cyber 2025-02-24T00:00:00+00:00 The first coalition of cybersecurity nonprofits focused on tangible results welcomes the addition of four new members: PuntoGal, Internet Security Research Group, Trifecta Tech Foundation, and The Retired Investigators Guild. The fastest WASM zlib 2024-11-19T00:00:00+00:00 This year we started work on zlib-rs</a>, an implementation of Zlib</a> in Rust, with the goal of maintaining excellent performance while introducing memory safety. Trifecta Tech Foundation is the new home for memory safe zlib 2024-11-07T00:00:00+00:00 Today we're pleased to announce that the recently developed open source memory safe implementation of zlib – zlib-rs</a> – initiated by ISRG's Prossimo project</a> now has a new long-term home at our Trifecta Tech Foundation. Enabling pools in NTS 2024-10-30T00:00:00+00:00 We previously talked about how secure time is required for a safe internet</a>. We mentioned how we want to increase the adoption of NTS, the secure time synchronization standard built on top of NTP. For this, we proposed to develop a public NTS pool. In this article, we expand on what pooling is, and what is required to enable an NTS pool. ISPCS paper: Estimating noise for clock-synchronizing Kalman filters 2024-10-04T00:00:00+00:00 Our Statime project now provides strong synchronization performance and accurate synchronization error estimates. David's paper, soon to be published by the IEEE, describes our Kalman-based approach. Sovereign Tech Fund invests in Pendulum 2024-08-10T00:00:00+00:00 Sovereign Tech Fund will support our effort to build modern and memory-safe implementations of the Network Time Protocol (NTP) and the Precision Time Protocol (PTP). Current zlib-rs performance 2024-08-08T00:00:00+00:00 Our zlib-rs</code></a> project implements a drop-in replacement for libz.so</code>, a dynamic library that is widely used to perform gzip (de)compression. A new home for memory safe sudo/su 2024-07-17T00:00:00+00:00 Today we're pleased to announce that an open source memory safe implementation of sudo/su — sudo-rs — has a new long-term home at the Trifecta Tech Foundation. Trifecta Tech Foundation: Open infrastructure software in the public interest 2024-07-15T00:00:00+00:00 Today, we are proud to announce the Trifecta Tech Foundation. Statime vs Linux PTP: Comparison of precision 2024-07-08T00:00:00+00:00 We're happy and proud to report that the Dutch National Metrology Institute measured performance for Statime comparable to Linux PTP! More Memory Safety for Let’s Encrypt: Deploying ntpd-rs 2024-06-24T00:00:00+00:00 When we look at the general security posture of Let’s Encrypt, one of the things that worries us most is how much of the operating system and network infrastructure is written in unsafe languages like C and C++. Want more Rust? Break the cycle! 2024-06-17T00:00:00+00:00 How? By oxidizing education. That's right: introduce Rust in higher education making sure more students enter the job market. A safe Internet requires secure time 2024-05-24T00:00:00+00:00 The internet has a hole at the bottom of its trust stack, and we need to do something about it. In particular, the internet needs secure time synchronization to fortify the security of our digital world. On Rust, Memory Safety, and Open Source Infrastructure 2024-05-19T00:00:00+00:00 Addressing memory safety in critical infrastructure is a complex issue with multiple approaches. The Sovereign Tech Fund supports several initiatives, including Pendulum's memory safe Network Time Protocol, that is highlighted in this article. Providing official Fedora Linux RPM packages for ntpd-rs and sudo-rs 2024-05-09T00:00:00+00:00 Memory safe NTP and sudo are now in Fedora Linux. flate2 release v1.0.29 with new `zlib-rs` feature 2024-04-28T00:00:00+00:00 With the new zlib-rs feature, a new backend is enabled that brings in a SIMD-accelerated Rust implementation. Rust makes DNS and time software more secure 2024-04-17T00:00:00+00:00 SIDN writes about vital software for critical internet infrastructure reimplemented in memory safe languages. The article lists sudo-rs and Pendulum as prime examples of employing Rust for Rust for critical software. xz incident shows the need for structural change 2024-04-04T00:00:00+00:00 At Sovereign Tech Fund, we're following the xz incident closely and listening to the many voices in the FOSS maintainer community. Sudo-rs dependencies: when less is better 2024-03-07T00:00:00+00:00 Trifecta Tech Foundation maintainer Ruben Nijveld offers his perspective here on one of the greatest challenges we faced when developing software that can be widely adopted: Rust crate dependencies. Testing sudo-rs and improving sudo along the way 2023-06-28T00:00:00+00:00 Faced with the task of re-implementing sudo, one of the questions that came up early on was: how do we verify that sudo-rs behaves just like the original sudo? Re-implementing Sudo in Rust 2023-05-17T00:00:00+00:00 A drop-in replacement for all common modern use cases of sudo. Two core Unix-like utilities, sudo and su, are getting rewrites in Rust 2023-05-01T00:00:00+00:00 Two of the most fundamental tools of the modern Unix-like command line, sudo and su, are being rewritten in the modern language Rust as part of a wider effort to get critical but aging infrastructure pieces replaced by memory-safe counterparts.