[Info-vax] Rust as a HS language, was: Re: Quiet?

Thu Apr 7 10:55:54 EDT 2022

In article <t2mkq4$ib9$1 at dont-email.me>,
Simon Clubley  <clubley at remove_me.eisner.decus.org-Earth.UFP> wrote:
>On 2022-04-06, Dan Cross <cross at spitfire.i.gajendra.net> wrote:
>> In article <t2klgp$dm4$1 at dont-email.me>,
>> Simon Clubley  <clubley at remove_me.eisner.decus.org-Earth.UFP> wrote:
>>
>>>My point is that this all-new all-singing programming language that
>>>will save us all (according to its creators) is released with all
>>>these new and unique features that make Rust better than anything
>>>else out there for security (also according to its creators).
>>
>> I invite you to provide a citation to one of the Rust creators
>> making such a claim.
>>
>> Again, these people aren't fools: they understand that no one
>> language is the One True Solution to All Problems.  The people
>> who designed and implemented Rust are actually qualified PL
>> people.  You seemed to have glombed onto the fan boys pitching
>> hype and somehow think that's representative of the folks
>> actually doing the work: it is not.
>
>That last bit may be possible.
>
>I don't know how old you are Dan, but I'm old enough to have gone
>through the early years of Java and the insane levels of hype that
>were being generated about Java during those days before things
>settled down and much of it _was_ revealed to be hype.

I'm old enough to remember that, as well.  Indeed, I read a
pre-alpha Java spec and thought it was pretty nifty at the time.
Then the snakeoil "Uncle Bob" types got a hold of it and it
became a bloated mess.

>The insane levels of promotion of Rust as "the" solution at the moment
>remind me of those days.

I wonder where you are seeing that.  Seriously.  I know and/or
have worked with a number of members of the Rust community for
several years (members of the core, language, and tool teams,
for about 3 years), and they're quite gracious in admitting that
it's not the right solution for everything.

>>>People then start using this language to create libraries and manage
>>>to still write code that compromises these new safety features, hence
>>>making the library unsafe, but unsafe in a way that is unique to Rust
>>>because it manages to violate the guarantees that the language says
>>>it gives you.
>>>
>>>And before you say it, I know Rust is not unique in this and that is
>>>exactly the point. Just as you have to do when writing code in other
>>>programming languages, you still have to know what you are doing when
>>>writing Rust code or you can still write code that has security issues
>>>within it.
>>
>> No one serious ever claimed otherwise.
>
>I note your "no one serious" qualifier. :-)
>
>Sometimes, looking in from the outside, it's hard/impossible to tell
>the difference.

Yes, well.  Like with all things, one cannot control people who
want to say outrageous things.  However, after a certain time in
the industry, one usually learns to identify those people and,
well, ignore them.

With respect to Rust, I feel myself very fortunate to have come
at it from a _very_ skeptical perspective.  I was just tired of
writing kernel code in C, and while I looked at Rust and said,
"big, ugly language" I gave it a shot anyway because it had a
minimal runtime and was easy to get going on bare metal.  I'm
pleased I did.

	- Dan C.