This voluntary guidance provides an overview of product security bad practices that are deemed exceptionally risky, particularly for software manufacturers who produce software used in service of critical infrastructure or national critical functions (NCFs).
I am mostly joking but rust is quite annoying and is only useful in very specific circumstances. I’m not against encouraging people to use better designed languages than C though
I was being serious. I offhandedly expressed some excitement, in a comment I forgot I even wrote, about interviewing at a place that writes modern c++. Which, if you don’t know, c++11 and especially beyond has features to manage lifetimes, ownership, memory, and other important things just as Rust does (but it’s still C++, so of course it has all the baggage C++ must carry and a compiler that doesn’t enforce any of this).
But you rushed at the opportunity to be a complete ass about it and insult me for no reason. Presumably you also dismissively assumed I’ve never written Rust. Or that in 2024 the Rust jobs are so overflowing that I can just take my pick at one at my own leisure. As if my first preference is to write software in a language that still requires forward declarations.
Yeah. You had such a good point, though. I really would rather not have an income in favor of writing perfectly memory safe software that nobody uses. Surely you have advice on that?
Just because you can, doesn’t mean you should. For application code, it’s almost always better to use a language with garbage collection, in order to get memory safety without undue ceremony. Yes, some gc-ed languages are slow (Python, Ruby), but others are quite fast (JVM, .NET, Common Lisp, Haskell).
If you’re looking to write the types of server daemons often written in C, Go is another good choice. It’s very C-like in its syntax. It has a lot of the same safety features Rust has but isn’t nearly as complex to learn. It also has a huge standard library, so you rarely need to rely on third-party code.
Go isn’t too suitable for drivers or kernels or other kinds of system software though. Rust is definitely a better choice for those.
I am mostly joking but rust is quite annoying and is only useful in very specific circumstances. I’m not against encouraging people to use better designed languages than C though
deleted by creator
Most rust programmers don’t know how to implement a linked list
deleted by creator
Fingers crossed I get this job I’m applying for where they actually care about this.
deleted by creator
excuse me?
deleted by creator
I was being serious. I offhandedly expressed some excitement, in a comment I forgot I even wrote, about interviewing at a place that writes modern c++. Which, if you don’t know, c++11 and especially beyond has features to manage lifetimes, ownership, memory, and other important things just as Rust does (but it’s still C++, so of course it has all the baggage C++ must carry and a compiler that doesn’t enforce any of this).
But you rushed at the opportunity to be a complete ass about it and insult me for no reason. Presumably you also dismissively assumed I’ve never written Rust. Or that in 2024 the Rust jobs are so overflowing that I can just take my pick at one at my own leisure. As if my first preference is to write software in a language that still requires forward declarations.
Yeah. You had such a good point, though. I really would rather not have an income in favor of writing perfectly memory safe software that nobody uses. Surely you have advice on that?
Just because you can, doesn’t mean you should. For application code, it’s almost always better to use a language with garbage collection, in order to get memory safety without undue ceremony. Yes, some gc-ed languages are slow (Python, Ruby), but others are quite fast (JVM, .NET, Common Lisp, Haskell).
If you’re looking to write the types of server daemons often written in C, Go is another good choice. It’s very C-like in its syntax. It has a lot of the same safety features Rust has but isn’t nearly as complex to learn. It also has a huge standard library, so you rarely need to rely on third-party code.
Go isn’t too suitable for drivers or kernels or other kinds of system software though. Rust is definitely a better choice for those.
Yeah I’ve been using Go a lot lately. It’s pretty good