Rust lobbyists winning

  • Owl [he/him]
    ·
    5 hours ago

    Which do you think happened?

    • Honest appraisal of C++ security problems

    • They figured out some security hole in C++ programs that makes them even worse than we thought

    • Some contractor bribed them to say this so that they can get contracts porting stuff to Rust

    • Some contractor dug up new legitimate security holes in C++ programs so they can convince the FBI to say this so they can get contracts porting stuff to Rust

    • High ranking FBI officials are rust fanboys

    I think contractor bribes, but I think that last two are fun.

    • blobjim [he/him]
      ·
      4 hours ago

      It's just the obvious thing. C and C++ don't have safeguards against dangerous programming mistakes. Programming languages exist that do. There are to this day still software vulnerabilities being caused by subtly incorrect code that C and C++ require being treated as legitimate.

      • brainw0rms [they/them]
        ·
        3 hours ago

        C and C++ don't have safeguards against dangerous programming mistakes.

        This is not really true for modern C++... and if you're talking about code bases that use an ancient dialect of C++ where it might be true, the fantasy of even having the option of porting to Rust is actually pretty laughable. C will continue to be necessary for many critical things because there simply isn't sufficient compiler support coverage for Rust to take the throne.

        • sexual_tomato@lemmy.dbzer0.com
          ·
          edit-2
          2 hours ago

          The difference here is that it takes discipline and training to use only those parts of C++. That requires humans in the loop to enforce those decisions. Humans are fallible.

          If you make it impossible at the language level then there's nothing to train. You just can't do the thing unintentionally.

          And they didn't specify Rust; the aerospace industry has been using Ada for decades when it comes to mission critical stuff. Ada's compiler has long had a similar notoriety to rust's regarding the difficulty curve.

  • kittin [he/him]
    ·
    4 hours ago

    I really want Go but without a garbage collector is that too much to ask

    • toys_are_back_in_town [comrade/them, she/her]
      ·
      3 hours ago

      also, separate comment, what are you generally building? if you're writing Go because it's network code, you might want to look into Elixir. It's GC but the behavior of BEAM is more soft-RT friendly due to its history in telephony, you might be more at home there

  • TheDoctor [they/them]
    ·
    6 hours ago

    They’re currently exploring using AI to mass translate software from C to Rust, which will be hilarious if it doesn’t cause Armageddon

    • urmums401k [she/her, they/them]
      ·
      6 hours ago

      I'm actually in favor of this. It's a really good idea, and I hope the state uses it for all the important databases they're gonna use to put us in the camps.

      Please dont be a hater. Comrade AI might just save lives here.

    • blame [they/them]
      ·
      6 hours ago

      that seems like it wouldn't work very well except maybe for small programs. the kinds of bugs they're trying to catch and prevent here may need substantial changes to the program's design in order to prevent. Like the borrow checker literally does not exist in C and it is not a thing people thought about when writing asynchronous C code. Maybe the AI will take a shortcut and write a bunch of unsafe rust code, but in that case what's the point?

    • bobs_guns@lemmygrad.ml
      ·
      5 hours ago

      This won't work completely. Large language models usually fail thoroughly when writing Rust code as there's not as much training data.

  • OprahsedCreature@lemmy.ml
    ·
    7 hours ago

    Am I wrong or is this a strong point in favor of c/c++? I'd generally want to do whatever the opposite is of what the FBI would like me to do.

    • Owl [he/him]
      ·
      5 hours ago

      Nah, that kind of reasoning is like "nazis think people should get armed, so we shouldn't."

    • bobs_guns@lemmygrad.ml
      ·
      5 hours ago

      It's not really a strong point. C++ has its place for graphics programming and gamedev and C has its place for embedded, but Rust would be a better choice for something like a cryptography app to help revolutionaries communicate for example.

    • GaveUp [she/her]
      hexagon
      ·
      edit-2
      7 hours ago

      "critical software" here refers to weapons systems, spying systems, government surveillance systems, cyberwarfare software, etc.

      Do you work on critical software

    • blame [they/them]
      ·
      6 hours ago

      their reasoning is that rust (and perhaps others) that can be used in place of c or c++ have stronger compile time memory and thread safety checking which are two major sources of bugs and exploit vectors. So it's not like they're infiltrating the language in this case the way they would with crypto.

    • urmums401k [she/her, they/them]
      ·
      edit-2
      6 hours ago

      Right but AI translating of all government code is good. This is what you want, especially if shit goes down. Dont tell your enemy to stop pouring the kool aid.