Rainer Weikusat via Dng said on Sun, 29 Mar 2026 19:18:49 +0100
>Steve Litt <slitt@???> writes:
>> Peter Duffy said on Mon, 23 Mar 2026 19:49:22 +0000
>>
>>>Maybe memory safety is actually not a property of the language or the
>>>program - but of the programmer?
>>>
>>>Most languages have features which can be very useful, but which can
>>>also be dangerous if misused, either carelessly or deliberately
>>>(pointer arithmetic in C is only one example). The onus is on the
>>>programmer being skilled and diligent enough to use the features
>>>safely.
>>
>> In other words, only the ultra-careful need apply for a programming
>> position.
>>
>> Roads shouldn't have reflective lane markers, because the onus is on
>> the driver being skilled and diligent enough to use the road safely.
>> Stairs shouldn't have banisters, because the onus is on the user
>> being skilled and diligent enough to use the stairs safely. Public
>> bathrooms shouldn't have locks, because the onus is on the person
>> seeking entry being skilled and diligent enough to knock before
>> attempting to enter.
>
>I think this misses the point: Every useful device can be abused or be
>used wrongly and humans are really good at getting everything wrong
>they possibly can.

Deliberate misuse is not what I was talking about, and of course no
language can guard against deliberate misuse. I wasn't even talking
about reckless misuse. I was talking about misuse by mistake, and
making it more difficult to make a mistake.

>In a hypothetical universe where all software must
>be written in Rust,

Whoa, I never suggested a rule where all software must be written in
Rust or any other language. There are always going to be (a few) better
languages.

>all security problems will also be written in
>Rust. Humans will manage to do that.
>
>See also "SQL injection" and "supply chain attacks."

I wasn't talking about a situation where somebody deliberately corrupts
the Rust compiler to give bad guys some sort of backdoor. This could be
done with any compiler, including gcc. Once again, I'm just talking
about a language making it harder to make a stupid mistake.

SteveT
Steve Litt
http://444domains.com