Get your *FREE Rust training* : letsgetrusty.com/bootcamp

Time to add 5 years of experience in Rust to my Resumé.

glad to see Rust adoption is growing. not only the software gets better, which is good for everyone, but also the job offers increase, which is good for us, rust developers

Uh, this is the kind of interesting things to see. Confirmation of the language benefits in a real worldwide used project like android.

Rust cheatsheet finally paid off

Started learning Rust 3 years ago, nowadays I'm finally comfortable with it, in fact it's my primary choice for most applications. I hope to land a job where I can use Rust for a living, it would be a dream

Dropping from 76% to 24% is actually a ~66% decrease. Say you has 3 quarters of a pie (75%) and now you have 1 quarter (25%), you now have two thirds less pie. If the goal is to get memory safety vulnerabilities to 0, it's currently improved by roughly 66% when it dropped by over two thirds from 76% to 24%.

Unfortunately, even old code can have memory safety issues. Just because an exploit hasn't been noticeably exploited, doesn't mean that it can't be exploited, or even that exploits aren't currently happening unnoticed. The only way to guarantee there are no memory vulnerabilities, is to have formal proofs of your code or use methods that are already proven to be memory safe. Rust makes the latter much easier to do.

0:44 This might sound small until you realize that 76% -> 24% is actually a *_10x_* reduction. From 3.2x all other bugs to just 0.32x.

Can you give the link to the google article?

Actually it's not a 50% reduction, it's a 66% reduction, which is even better! You can think of it as from 3/4 to 1/4

what happened to their golang?

Great News! We all knew that Rust will decrease the number of problems in code, but it is great to see data that so clearly demonstrates this. However, your graph which includes the numbers for 2024 is a bit misleading, as 2024 isn't done yet -- so that bar will rise before we are done with 2024.

why don't google use GO?

The good thing with these "safe" languages is that more and more of the bugs are getting caught during compile time and so there will be less and less of "surprises" during runtime. But this also means that if it took 24 hrs to C++ code to build it might take roughly 32 hrs to compile rust code as rust compiler does a lot of checks before it blurts out an executable.

it’s my little bit of topic here, but very interesting your opinion about the mojo and all the stuff going around. mojo have some similarity with rust will be great to hear your opinion about.

It's funny how commonsense applies to the rust code. Every time I try some common sense on my rust bot it works. I guess the ownership of memory does make a big difference. I think my bot loves the refinement.

I was just trying to write some android apps in rust the other day following the guide Google made. I'm getting an error that I don't have the dependencies wear-sdk, does anyone know what I did wrong or how to compile my cuttlefish android emulator?

In other words it means go share will decrease too. Their own GoLang does partially same level of responsibility and adoption of rust means less use of Go for writing tools which could be done on Rust

Does writing in Rust also statistically lower other types of vulnerabilities?

I just wanna to ask that if we have to program bare metal in unsafe way then why not do it in c

There was also news of C++ getting a borrow checker and the syntax kinda looks like rust.

Can I ask why you say it's counter intuitive for numbers of memory related vulnerability to decrease when Google is using memory safe language?

Memory safety increases "exponentially" over time? That is a ridiculous statement by Google. Logarithmically is more realistic.

"...has deliberately [written]" not 'wrote'

Дякую, Богдане!) So...Carbon lang is now dead - another grave of Google Cemetary?

what about speed & battery draining ?

I wish we could write apps in rust. The whole idea that they choose the language that every app is written in is crazy too me.

I am using Rust's Actix web to build APIs 😁.

Glad to see this but has Google and Android evaluated Ada like Nvidia did or just mindlessly jumped on the Rust hype train. Ada comes with more safety, less developer friction and results in more maintainable code bases.

thanks for these examples

I do most Rust development for web applications. It's cool.

nice haircut 👍

That's great news for memory safety, but what do we know about the relative speed of development?

Then why google created Golang?

get rusty. its tough but worthful life time learning and get offers with good pay

I use Golang BTW

Mhm, need to learn rust soon.

Positive news from the big players about Rust is insanely valuable for the ecosystem. Maybe now there will be even more eyes on it and what it tries to solve. Maybe that'll lead to more adoption, awareness and tools being developed. Like am I the only one who wants another rival to RustRover??

the villains went nuclear :(

I'm missing something. "... was able to cut memory vulnerabilities in Android by 52%." implies there are still memory vulnerabilities despite using Rust. What memory vulnerabilities are still possible with Rust? Is this something with Unsafe Mode, or is there something else?

if you want memory security in c++ you can utilize, e.g., smart pointers instead of raw pointers. No need to blame language if you can't write proper code.

Not so much "has finally paid off" as "shares data about how it was worth it (all along)".

why your eyes always look like you didn't get enough sleep bro

All you said about rust was true, but mentioning kotlin in this context does not make sense. Google's own popular apps became less stable since introducing kotlin.

3:40 All *new* native code

LETSGOOOO RUST SUPREMACY

kotlin vs dart please

Still the question remains, when it will pay me besides changing my behavior :)

Android? Oh boy, those Lijux kernel C guys have an all new reason to get a belly ache.

well if they know the percentage left (that 24%) why not also remove those vulnerabilities and go to 0% instead of shipping code that's currently 24% vulnerable. (I'm just being an idiot 😂)

This is the sixth time I see that article lol

Job description : need 15 years of experience in rust. 😂

I am starting to suspect that you really like Rust.

Lol artificial unintelligent chatbot gemini was made with rust. Enough said.

One of Rust's biggest advantages is also one of its big hinderers: it plays nice with every other language. It's pretty easy to use Rust with something else... companies don't have to make a commitment to Rust.

did he say sewer c++ xd?

Memory safe language adoption is certainly a good thing, but there seems to be a false narrative here. Rust is memory safe, so regardless of how much the lines of code (LOC) in Rust grows, it should have NO impact on memory safety vulnerability counts UNLESS it's the old C/C++ being rewritten in Rust. So here's the real story: C/C++ LOC continued to grow 60% over 5 years but memory vulnerabilities reduced by a factor of 3. The narrative that's being pushed is that Rust somehow was the key contributor, but the real contributor was more awareness of memory safety and the usage of tools for C/C++ to detect memory issues. So the adoption of Rust will continue to pay off, but the numbers presented here are misleading. An example of numbers that aren't misleading would be if they said that they rewrote 80% of the C/C++ in Rust and their memory vulnerabilities reduced by 80%. That's a clear accurate truthful picture. The numbers being presented are not.

Wait... Kotlin or rust furries? Which?

Now if only they could improve their search.

nice

Hi Bogdan, I sent you an email. Thanks!

c++ was a mess to start with. it has only gotten worst. c has find as a hacks language but it was really bad too. being cryptic should never be valued in a programing language.

Cool

So they've given up on carbon too? 😂

The syntax is super ugly and messy. No matter how much you rustaceans chant it's safety. It's unreadable

👌👌👌👏👏👏

Meanwhile, bickering and bitching on the Linux kernel dev lists ...🤷‍♂

there are no jobs in rust for junior devs

I want build nuke missile controller using rust...

❤❤❤❤❤❤❤❤❤❤❤

C is better. We the C developers will prevent Rust adoption to Linux till Linux dies.

First

C is easier to write though 😂

here before @RustIsWinning 😎

what the hack!? I just figure out that .cargo and .rustup weights almost 4G in my home directory! Along with ~300M of sources for 2 really small projects, rust weights a lot. Edit: I forgot about my 3rd rust project (for raspberry_pi pico they weight 1.1G...)