Their OS is broken by design, so no doubt.

I bet it's not C fault, but some developer. It's quite hard language, but very powerful one.

And what other choices you have before Rust? Really? The only other choice was C++, a lang with adds more complexity without solving ANY C problems.
And other langs like Java, Python etc. are just not sensible option for some tasks, you just didn't have before Rust a choice if you need a lang with is compiled without a GC.
Also, I completely don't get how the whole "C is more successful" is an argument here, you are comparing a language with had ~40 years of time to adopt on the market vs ~10 years. Of course at this point in time C will be more "successful", that doesn't mean in 30 years Rust can be at this point now C is and even beyond that.
How is this even an argument? Man, it is like saying that fuel powered cars are more "successful" then electric because we used them over 100 years and electric cars are only recent getting tracking. HOW IS THAT EVEN AN ARGUMENT?!

I think the point being made here is that whether you're a great/average/crappy programmer, that the use of Rust would significantly reduce or eliminate these types of vulnerabilities from ever occurring...or you could just publicly shame thousands of developers. Hmmm....what to choose.

I mean, programming languages are as insecure or secure as much as the developer themselves. If Rust provides a good framework, there will be less bugs just because it's harder for issues to sneak in (but not impossible). C just allows way too many to sneak in and that's the main issue with it.

Rust is not a high level language, try again.

Actually if you get serious enough they don't depend on C. In this ream you have languages like Ada or Erlang because of the guarantees they provide. Or in cases iike sel4 (the only actually formally verified kernel) you have Haskell.

Languages like Haskell are also used a lot in defense, at least when you don't need real time guarantees. And in any system that is really mission critical, even if it is written in C they use theorem proves like Coq or Isabell where as Rust already has the theorem prover built into the language.

In terms of design Rust is basically variant of C with parametric polymorphism, traits and a linear type system to prove memory flow. It doesn't have any GC and memory allocation in Rust is manual, just like in C.

There are many people using Rust for embedded software development today. Perhaps do a quick Internet search for `no_std rust` and `embedded rust`. You get to decide your own allocation strategy, when and how to initialize memory, your own re-use strategy, and when to free memory. Guess you think Rust is excellent now?

This ignores the fact that all C code is by default unsafe, and there is no way to build safe abstractions in C. You can't prevent a programmer from calling your API with invalid memory addresses. Everyone writing C libraries is eternally engaged in defensive programming techniques to handle unexpected inputs. Whereas in Rust you have clearly defined types, ways of encoding constraints into types, and the ability to fully capture and ration ownership of data.

Is this what you would say about C++? Rust uses the same garbage collection mechanism as C++ — RAII. The compiler tracks the lifetime of variables and inserts drop methods after the last reference of the variable in the code. There's an established spec for the order that the drop methods are invoked, and the order that fields in a struct are dropped. The killer feature of Rust is in how the compiler enforces aliasing XOR mutability, utilizes an ownership model, and allows the programmer to tag lifetimes of references.

20 years ago, these "unicorn farts" were thoroughly described and explained in an AT&T Labs research paper: https://www.cs.umd.edu/projects/cycl...ne-regions.pdf

How "successful" a language is can be difficult to define.....but popularity and widespread adoption (especially by big companies) can be one indication of "success" right? That's just one metric. There's also functionality...and perhaps the rate of vulnerabilities should be thrown in there.

According this report (written 2 years ago):


The C programming language accounts for the highest percentage of all vulnerabilities (out of 7 the languages that were tracked/polled) with over 77% in the last 10 years, and 47% for the previous year.

I understand that C has an incredibly large user-base, but damn that's a high number.

That's a silly thing to say. Memory errors (among others) should be a thing in the first place. Developers shouldn't HAVE to worry about stupid mistakes like that. The C language, in fact, is neither hard not powerful. It's very easy to learn but it's expression power is extremely weak, which means developers must spend their time paying attention to problems that should not exist. That's in comparatively simple programs. In complex ones... we'll, you get CVEs.