SO @doce3609 lol

If C gets Illegal ill invent something different than C, maybe with better tools for articulating Objects and Problems very fast.. I dont have a Name yet but because its based on C im thinking of something with a plus.

Just learn Odin.

We still have ASM superpowers. And if ASM gets disallowed too, we'll just hide ourselves inside a Rust unsafe block and do very naughty things, like using the ASM macro. :P

Lmao

that'd be fun

a lot of us 400-pound hackers are pretty good C programmers!

Lol

@@Kane0123 "C jobs built America. C powers everything. We love C here in West Virginia, folks. Not Biden. Rusty Joe they call him. They do call him that don't they? Sleepy and rusty."

"I here to use rust you have to identify as lgbtq+zxtruq and give up your guns, they say. Thats not going to happen in C, I wont allow it. I liked it before it was cool, and now they dressed it all up in drag and call it c++, you here about this folks, its a shame, so sad"

no they got a back door.

@@sixbutton9 Rust still uses the LLVM, so there's still a lot of undefined behavior and unsafe things for years to come.

@@monad_tcp There is no UB in normal safe Rust code (and if there is it would be fixed eventually).

@@lawrencemanning 😆

@@diadetediotedio6918 define "normal"

Elaborate

@@tiranito2834 I'm starting to think that all the people not understanding why GC would be bad for spacecrafts just don't understand how GC works.

@@anon_y_mousse That's the sad reality of the way GC works. Out of sight out of mind.

@tiranito2834 The GC make the computer stop? Pffft, that's ridiculous. Ignoring the obvious fact that we have multi-threaded processors for a reason, even a very average CPU is capable of running millions of instructions per second of something high level like JS without any downtime at all. The only reason why GC is bad is because the memory might not get released fast enough for some applications. Definitely not the problem of rockets, they wouldn't have limited memory.

And having fixed memory allocation is also helpful when a bit here or there can be flipped. Good luck with rust not throwing an exception when a pointer gets corrupted from a bit flip. I've had people ask why I am picky as to how a "if" or a "for loop" is written and it's written that way so that it can't loop a lot longer if a number is out of range. I am also not going to say that everything should be in C or C++. These languages are safe when unit tested and analyzed. but most code does not get that kind of scrutiny.

Lmao

Rust made a memory leak inside his brain

If he doesn't will the rest follow?

Wym, all he does is free memory. Bro tries to free Stack allocated memory sometimes. He's trying to update his hardware to rust

Hahaha 😆

What are e we talking about? Critical software that has become infrastructure or critical software that is a product of a company?

Basic input validation is so much easier to do in Rust, though. If I want to parse JSON (or any other of dozens of serialization formats) into a Rust struct I just import Serde and derive deserialize on my struct and it writes the parser for me. It then forces me to check to see if the parse succeeded or failed, and if it succeeded I now have a reference to a fully instantiated and syntactically correct instance of my struct without a null pointer in sight. If I want to add semantic analysis, I could then write a simple parser that parses MySerdeStruct into Result. Alternatively, if I wanted to do it all in one go I could instead just implement the Deserialize trait for my struct and bake in the semantic analysis. Boom, if I have an instance of MySemanticallyCorrectStruct anywhere in my program it's now guaranteed to have been instantiated, validated, and point to a valid location in memory.

Users will read the guide, so validation isn’t important.

@@Kane0123 I agree. You should educate your users. After all. User Input should always be correct so you can trust it at all times in your code.

@@rahzaelfoe3288 You do realize that Serde is a library, not a language, don't you? And there are libraries to do the JSON parsing and validation in C++, you don't have to write all the code yourself.

@asdfghjkl-jk6mu Stuttgart, Germany

Well, there are Java VMs developed that are suitable for real time systems. Not very popular, expensive, and mostly used in military/ some automotive. There is one called "Jamaica VM" and one developed by "ptc". But Java is still extremely memory hungry. I would like to have my IoT device being able to run on battery a few years.... and without crashes.

GCs also require a good amount of speed and memory themselves to manage that space-grade hardware may not have. space-grade processors need to be much simpler and thus probably much slower in order to be less prone to errors when exposed to space. dynamically allocating and deallocating memory in space can also be a big problem when communication timing is an absolute critical essential in space for a variety of reasons and dynamically managing memory can lead to unpredictable timing.

There's ways to enter during garbage collection. I can think of three without looking at the code in question.

😂🎉

You don't have to listen to them, there are many others that have said this before them.

You don't have to hear them but they're just repeating what people who has nothing to do (as far as we know) with NSA have been saying from the very beginning: never trust in the programmer

Yeah the government will not tell me what language to use

Typical C programmer (no shade).

@@malusmundus-9605are you being sarcastic? Couldn't tell these days 🤷‍♂

calling the cops

"C gives the programmer too much freedom. We need more security! I hereby declare C to be a terrorist organization!"

I think also they might not run leading to running out of memory.

​@@eldrago19Try that again

too based for the gov i'm afraid

Why would they do that? Closed source is superior from certain points of view.

@@markojojic6223 Facts are not points of view. Security through obscurity is a farce

true, the only reason the us gov can confirm rust is memory safe is because the compiler is open sourse

@one6446 Well I guess they could have started makeing an in-house alternative in 10 years or less.

Focusing on security makes it harder to get things working.

Indeed, I'm more concerned about being secure from government intrusion than the other way around.

@@undeadpresident I really don't mind the NSA having all sorts of dirty tricks. Just so long as they don't share them with the FBI! Unfortunately, it's hard to tell if they do or not, besides the fact that the FBI is constantly whining about encryption.

I agree

@@undeadpresident Governments are the number 1 producer of malware, governments everywhere are just criminal organizations

@@TapetBart ok, mastermind, how is your posting on the internet going to prevent the NSA from stockpiling zero days? They aren't really sensitive to public sentiment. Not that the FBI is, either. Are you saying it's not worse for civil liberties for the agency in charge of law enforcement in the USA to have these sorts of capabilities? Because, of course, it is far worse for the FBI to have access, rather than just the foreign intelligence agencies. (except for the CIA, they can't keep anything a secret) BTW, I believe the phrase you are looking for is "room temperature IQ", not "room level IQ"

Thanks for reminding me that I'm old.

history repeats itself rust++

That is not how I remember it. The US government did not create Ada. They held a kind of completion to find a language that would be suitable to use n all MoD and other government procurement. The idea was to get out of the situation where every vendor used a different language and they therefore had hundreds of languages in all kind of projects. Ada won that competition and subsequently it was mandated on all new government contracts. Far from being popular pretty much all programmers I worked with who had to use it did not like it. They complained it was too complex, too verbose, too slow. As a result the mandate was lifted only a few years later. With the result that everyone flocks dot the new shiny C++ as a supposed improvement over their beloved C. Ada still hangs on in safety critical systems though, like avionics. Ada never took over the world, it was rarely used outside military and safety critical applications. I get the idea that the government learned something and would not be so daft as to mandate a particular language, for example Rust. However this document certainly serves to push the software world to more reliable and robust languages that are memory safe.

@@Heater-v1.0.0 I think you missed the obvious sarcasm in that line of "took over the world", because we all know it did not.

@@anon_y_mousse Yeah, likely I did. It's sometimes hard to spot sarcasm on the net, being the swamp of inaccuracy and misinformation that it is. Last I heard Ada had learned a few tricks about memory safety from Rust, It's all good stuff.

Assuming he has memory to begin with

@@godspeed2145 it's just leaked over the past 80 years

His memory is FINE, it's just his output stream buffering.

His memory is great, his brain just runs on Python

I think that's what Byarne Stroutstroup said too. He was implying something like; in C++ we should be allowed to use memory unsafe features only by manually adding those unsface compiler flags. All the safest features should be enforced by default in the first place. If that does become a reality for future compiler versions, most of the vulnerabilities can be eliminated.

I really like cargo and can‘t quite follow your problems since I‘ve never migrated a project to rust, but here‘s a trick: if you need to know what cargo is doing behind the scenes, you can use cargo build -v or even cargo build -vv. It will show you the commands run. Hope this helps

@@ZwiebelgianYeah… get back to us when you’ve tried to integrate it into a CMake or Ninja or Makefile project. I’ve done it. It sucks. It can be done, but it sucks.

Ewww make files.

@@airman122469 yeah those commads are extremely verbose, good luck nonetheless. If you really want it to change, try posting a bit more formally in one of rusts official channels

Build with Bazel when the project is either large , polyglot, or both.

This! And just because rust is "Memory Safe" Doesn't mean there aren't issues with it. Kinda like how Alpine Linux is "more secure" than other distros because there are fewer eyes on it.

You are missing the point, cherry picking these examples and cases. A lot of hardware and software gets picked apart due to memory issues and overflow. The fusee gelee exploit that made every Nintendo switch vulnerable was caused due to a memory overflow bug, for example

@user-lp8eo5cd1h You are entirely missing the point and are bike-shedding. Expecting programmers to have a borrow checker in their head is inherently flawed.

​@@OGNordusing rust makes it nearly impossible to write a huge class of bugs. You can argue "poorly managed code," but if there's an option that makes such bugs impossible without specifically choosing to use an escape hatch, then you're simply going to have less bugs. I'd rather have a complier enforce bugs to not exist rather than rely on the human to do that check, humans who miss stuff, who make mistakes. Yes you can write insecure code in rust. But it's much harder or impossible to write a very important class of bugs in rust. And even if it is possible, you have to go well out of your way to do so.

​@purewaterruler I love rust, but I still choose C++ on my team. For rust to become as mainstream as C++, either hundreds of libraries need to have rust replacements or, as Google is funding, interoperability with C++. The latter is the most likely, at least in the next decade. So, if something like openssl or curl has a vulnerability, then your rust stack will have it just as readily as someone else's C++ stack. I agree that it would be ideal to move in the direction of rust only, but it's going to be years before I can reasonably choose it unless I end up on a team that's building within some relatively small domain.

VOP - virtue_signaling oriented programming. It is the future. RUSTRANNY ZISTAS. GO GO GO!

Watch them try to make a list of all C programmers and leverage their ISP's to cut their internet service and deny them plane flights.

New paradigm Yay

the eu supports a ton of FOSS, like... idk, gnome. so yeah. often enough that's actually something i love

always knew there's something not right with rust

They also created the ADA programming language, that why it became so popular and took over the world

@@virtuosisimo never heard of it

CIA probably added a backdoor to the rust compiler

@@shallex5744 that's my point xD

U r a tinhat

@@ameknite I am not talking about rust the language, but any program written in rust that MAY be GPL licensed.

That's a huge license issue for certain pieces of software, not everyone wants to statically link everything.

@@heavymetalmixer91 If you want dynamic linking with Rust, you're out of luck. That isn't a supported feature yet.

@@Psychx_ that's because rust has no ABI like most mature languages do.

@@heavymetalmixer91 yes, but also the stance of FSF on static linking is that you also make a derivative work from the GPL code. Now this hasn't gone to court yet so there is no precedence. But rust is making me re-think all of that again.

Your Dad was smart and knew that the only way to be "safe" in certain ways was to give up on Turing completeness. One can afford that for science and aerospace systems, but it's a rather hard way to make a living as an app programmer.

"I will defeat Donald Reagan this election!"

Yep.

rust foundation wants to take your 🔫🔫 per the TOS. Now we know who they really are.

It still gives us a peace of mind that we haven’t created an exploit unintentionally. Reducing the attack surface helps us target the next class of exploits. Besides it also helps us avoid unintentional memory bugs in regular use.

@@mma93067 rust still has CVEs. It’s not full proof and relying on the claim of full proof is the same as having assumptions about your code.

@@mma93067 Rust still has CVEs. It’s not a cure all, and believing it to be has the same effects as making assumptions about your inputs.

Sure, social engineering is the biggest problem these days, but to say that memory safety doesn't matter is incredibly hyperbolic. Even if it doesn't cover all or most vulnerabilities, reducing the attack surface by 5% is nothing to scoff at.

Actually, it does still matter how safe the language is because attacks still exist which target those insecurities of the language. Also, the idea that every language is safe as long as you do everything absolutely perfectly with absolutely zero assumptions is an overly naive solution. We already know that nobody is going to write perfectly secure code all the time. Crossing your arms and saying "well they people should code perfectly" isn't a solution.

the c in c stands for crime

@@guyblack9729what about c++

@@guyblack9729 what do the rest of the other letters stand for?

@@bruhzzerPropaganda.

If only it wasn't one of the most compatible languages out there with extensive tooling and libraries. I don't think it's going anywhere anytime soon.

This is a LCD defense argument. Which sounds remarkably like projection.

The government operates with timelines and budgets that enterprises do not. They could absolutely establish a licensing criteria for federal dev work and create associated acceptance testing paradigms that far exceed those sustainable in private industry in the interest of national security. They literally plan to spend $20 billion to replace chinese made CRANES in our ports due to security concerns…

@@NinjaRunningWildLCD defense? As in the screen type? Could you elaborate, I find OP's argument quite compelling.

@@semitangentDo you understand mathematics?

@@semitangent lowest common denominator. In this case making an argument to defend the effort of the least skilled who posses a basic level of aptitude which is the lowest common denominator among all developers. Rather than expecting better from everyone.

U have a hat made out of tin

heyeyey slow down your horses - nobody said anything about using! The white house is talking - and that's the only they ever do

once the nsa endorses rust, is the day ill stop using it.

@@pluto8404 why

I haven't done video games, but do lots of GUI and OOP is a must, type hierarchy just looks natural

@@mizu_7422 they planted 5g bugs into my esp32

Yes. Ada came from Defense, including its design; Rust came from the developer community and is simply being _recommended_/adopted by government, among others.

​@@midnightfutureI don't really see the difference.

@@midnightfuture implying rust isn't heavily political and compromised from the start lol

​@rusi6219it's not. it's just a programming language, and a well loved one at that. if you're thinking of marginalized people being able to openly exist without being discriminated against within the community, that's not politics, that's just human rights. politics are things like dealing with taxes or government budgets or setting health and safety standards in different aspects of life. for example, food health codes. in that, the government didn't create rust. they just promote it as one of the memory safe languages that exists and they want you to use a memory safe language. their goal isn't to make you pick a specific language or even one that exists today, just that you pick one that's safer than the ones designed when security was an afterthought. we still have the mess that's the email and phone systems with spam and scams cause security was an afterthought when they were made. i would gladly burn both my emails and phone numbers if i wasn't required to have them just to use any service. this is a step in the right direction to make a safer tomorrow

This comment is highly underrated.

Yeah but @LowLevelLearning discusses this in the video: 70% of major security issues are related to memory management. Even though that leaves 30%, eliminating 70% itself (after 35-50 years) would itself be a monumental achievement.

@@GEfromNJ I don’t have data on the matter, but I’d easily bet on that figure not including social engineering as a vulnerability. So, even if we take at face value Rust’s claim to memory safety, it still wouldn’t lead to a particularly more secure digital environment. It could indeed solve a major class of vulnerabilities, but it’s also the class of vulnerabilities that only highly sophisticated attackers use, so it probably is the less frequent in volumes of attacks. A vast network of Internet crawlers brute forcing common default credentials for unsecured IoT devices is, to me, a more worrisome class of attacks, because of its scale and low floor to access it. And it’s a kind of vulnerability that can only be removed by making cybersecurity due diligence standards mandatory.

@@Vaalin In response to the claim that Rust prevents a lot of vulnerabilities, saying something like "yeah, but it doesn't prevent all vulnerabilities" is not really a counter argument. Memory safety issues undeniably make up a huge chunk of software vulnerabilities and using Rust helps to prevent those from occurring.

It’s almost like profit seeking behavior is inherent to capitalism

Another problem with the "skill issue" argument is that Apple, Microsoft, Linux, Google, etc have essentially unlimited resources and decades of experience and yet they are still experiencing these issues.

So... Skill issues...

There's a skill issue in communication skills.

I view it the same as safety equipment for heavy machinery. No matter how skilled and experienced you are, you can still get tired on a Friday night and be rushing to meet a deadline. Impairment and time pressure issues can overcome skill and produce bad outcomes in all humans across all professions. It simply makes sense to fail safe instead of deadly.

That only saves us from data corruption from high energy cosmic radiations.

Is it smart to post this information to the internet?

@@Walter_ If we do our jobs right

They preffer Cisco spying them than Huawei

In space you need realtime operations. You can't have that with a GC.

For me it isn't about whether or not it is or isn't a skill issue because if you do anything wrong ever it could be considered a skill issue. I think that having a language that nearly completely prevents certain kinds of skill issues releasing in working production code is a good thing.

In one sense, C is neither memory safe nor unsafe, because that's in the hands of the programmer. On the other hand, if the security problem is located in the possibility of making unsafe programs, then C itself can be considered unsafe.

C++ is even worse in that regard.

@@georgerogers1166 in c++ you don't need to compile every single dependecy though although, linker errors are one of the easiest way to go crazy lol

@@georgerogers1166 Compilation speed is not about language, it is about compiler.

@@0x90h c++ is inherently slow compiling when using templates. Multiple whole program compilation.

​@@0x90hit's still about the language, the C/C++ header system slows down process noticeably. That's why C++20 has modules support - to speed up compilation.

Useless addidtion. bool can be 0 and 1

@@defnlife1683 c had bools since c99

​@@sillymesilly, bool is useful in _Generic, it also allows you to simply cast the value to zero or one and has different float casting logic

This is what we call "preaching to the choir."

I am more concerned that rust is also being used to create malware/exploit

​​@@YandiBanyu oh it is, and will continue to be (there are already "hacking" courses that use Rust on youtube). You can't touch hardware without security concerns. Unless the government wants to rebuild everything from the ground up, it will continue to be that way.

@@YandiBanyu Which is even more reason to use Rust for the possibly targeted good software as well, as a counter measure.

@@jongeduard I am not saying do not write software using rust. Both can exist at the same time. I am merely pointing out that malware too can be created using rust.

@@YandiBanyu Oh no problem, I did not think or intent that either. I just emphasized the importance. I actually liked your comment instead.

The much better way is to make arrays of the length of powers of two and to mask the index with a binary operation. If you want a significantly higher level of security still, then you use the MMU. None of this does anything for you if the attacker has hardware and root access. These are all just obfuscation techniques. If you need truly secure systems, then they need to be isolated physically. A strong steel door is the best way to go. ;-)

SOC analysts just got even worse at our jobs

"borrow checker on the other hand, will not" sounds like a religious dogma

​@@igoralmeida9136I guess there's a slim possibility that the borrow checker would allow code that it shouldn't, but so far I've only ever heard of it being overly restrictive, which I'll gladly take over manual verification.

@@chinoto1lookup cve-rs.

@@TapetBart My other comment disappeared. Shortly after my first comment, I looked into cve-rs, which escapes the borrow checker. Funny how I found it so quickly after my erroneous comment.

@@igoralmeida9136 I mean it's an algorythem, and it has rules that prevent data races and use after free's, so therefor, it does make make mistakes, because it isn't a human, idk what universe your in where this is religous dogma.

Damn, those 12 programmers downloaded crates 60 billion times, while creating 141 000 crates. Very impressive.

13, I started learning it.

Is the alternative to build your own compiler from scratch? I don't really understand this argument.

@@ultimatedude5686 you fell into internet falacy 17: assuming something is an argument. And falacy 18: assuming it was a personal attack against you. And falacy 19: being offended by it. I was merely poking fun at the idea that delegating responsibility automatically yields better results.

@@Terrados1337 I was using the word argument very loosely. I didn't find what you said offensive, I just disagreed with the point you're making. Delegating responsibility to much larger and more well-maintained codebases (like the compiler and the standard library) is generally a good idea.

and an even better way to introduce new bugs

Never heard of it in real life: so competition currently non-existant.

@@samuele5931 tuple is one example. Zig ships with a compiler that can compile C and C++, its memory safe and simple so I think its a pretty strong competitor because of the way it sets it self up for rewriting legacy C and C++ codebases. It would be simpler to rewrite in Zig than Rust

@@samuele5931 Bad take Uber use it My company use it and we're responsible for a very popular software to manage datacenters and servers

I agree. If Zig continues to perform and stabilize, I think it will start replacing C, and maybe some low-level C++ areas like games/graphics. Rust will need to compete with Golang to pick the corpse of C++

@@matta5749 what relevance does average level of student have to the quality of the work product which they have been educated to produce? Seriously?

Yeah I was about to comment the same myself. If anything programmers have gotten worse in 50 years, not better as is assumed for some reason.

fortran is still here and wil lbe . c++ compiler enginers will fix that allows you to do bugs so your rust will not be revolution . cuz it forces you to do in the way it wants so idk if anyone in his mind will use rust . there's many memory safe langauges and far easier than rust

@@TapetBartHey, one day you might be in charge of hiring. Do the right thing and spread the truth.

Use the right compiler flags and you can have the same thing without having to learn a new language or participating in an obnoxious community

Just use compiler flags

and maybe his bicycle too

There is one crate that demonstrates that it is possible, though not common to have memory vulnerability in safe rust, if you try really hard. On the other hand, best C programmers, even when trying really hard, release software with these vulnerabilities on daily basis. So I think, Rust is safe for now.

i mean, your average rust programmer is not exactly using HRTBs in their code lmfao

"the white house said it, it must be true! Everything else is disinformation! Censor it!"

Rust is generally safe, what CVE-rs did is very, very, very specific AND what they did it is catched by MIRI (which you should be using if you are trying to make your software the safest as possible with the language). It is also a problem that can be fixed, so it eventually will. Of course I'm not saying it is not bad, it is pretty bad, but still, edge cases does not removes the benefits on security of the language.

@@diadetediotedio6918 "eventually", sure

Rust is bloated, not as minimalistic as C.

@@TheDarkBusinessman >c >minimalistic have u seen libc?

Can you be 100% sure? You know the German saying: "Even a blind chicken does occasionally find a corn."

@@stzi7691 Hahaha... True. However, I don't think this is the case with Rust. Largely because I don't think Rust is anywhere near as "safe" as people think it is. I mean, there are videos floating around now, which show people breaking the borrow checker and causing memory leaks, which most people seem to think cannot happen.

@@roberthoople wow rust has bugs? well back to writing assembly, be sure to push ur registers to the stack before overwriting them! how is this a good point in ur mind? rust provides a lot of checks that avoid most vulnerabilities in C programs, it not being 100% effective isnt an own to it being safer

​@@yandere8888 LOL. My actual problem with Rust are it's childish fanbois, and the diaper stink they bring to every programming conversation on the internet, not so much the language's on-by-default safety features themselves.

@@roberthoople ah yes the adult thing of not using a language cuz u dont like the other ppl who use it what?

Exactly -- lousy coders do not become good by being given safer toys. If anything, this will result in even more bad code due to the perceived "safety".

@@rusi6219 Thank you. Perfectly Said!!!

​@@tiranito2834??? The rust compiler is OS, obviously. There are alternative ones, there just isn't reason to use them yet. If there's ever issues with rustc obviously it will be forked and a new one will be the default compiler choice, if there's demand for it.

@@clairel34 Except you can't call it a Rust(TM) compiler without permission.

Government has stack overflow errors, wants people to use language that claims to prevent them. It's certainly ironic.

So if the government says breathing is important, are you going to stop breathing? If they say something which is correct, it doesn't magically become incorrect just because you don't like them. Rust is generally a safer language to use than C/C++ from a security perspective. No need to try to warp the facts with your politics.