Hacker News new | ask | show | jobs
by fractionalhare 2058 days ago
The person you're replying to is almost certainly not using the word "safe" in the same sense you are. In particular: safety in trading has to do with risk management, strategy correlation, side effects, and correctness.

Software security matters, in the abstract, but trading firms don't care about it nearly as much as tech companies do. The other thing is that being as fast as C++ is not compelling enough a reason to replace C++ for their use cases. If anything, Rust's dependency management story would be the thing to highlight (this is part of what's compelling about the JVM).
2 comments
jariel 2058 days ago
"Software security matters"

I think the responder's version of 'safety' really boils down to 'null pointer safety' - not 'software security'.

And even then, people keep talking about it like it's 'the thing'.

Java has null 'references' as do most languages frankly and it's just 'a thing' almost never 'the thing' to be concerned about.

'What devs want' is basically something kind of like Java, but that compiles, predictable/controllable performance and memory management i.e. no GC. That's it. It will probably end up being Rust, but that's because Rust will eventually provide all the nice, clean, modern package management, idioms, libraries etc., not specifically because of the 'safety'.

Granted I don't want to diminish that in the attempt to create 'proper memory management' you probably end up writing better software anyhow.

link
fractionalhare 2058 days ago
That's fair. Instead of saying "software security" I should have been more specific in talking about memory and pointer issues. In that sense, yes Rust does offer some safety guarantees beyond preventing memory corruption vulnerabilities.
link
nv-vn 2058 days ago
Jane Street famously uses OCaml for these types of guarantees, so I would think Rust would offer similar benefits.
link
fractionalhare 2058 days ago
Why would you think that? Rust's major selling point for safety guarantees is the borrow checker. It does not provide most of OCaml's type and functional semantics.

That being said: Jane Street is pretty avant garde in this respect. I expect there already is, or soon will be, a successful trading firm which likewise builds its tech brand on Rust and alternatives to Rust standard library primitives. But overall adoption will probably continue to be anemic.

link
tormeh 2058 days ago
It has immutability, no null pointers, and error types. It has escape hatches available for everything, but unnecessary use of these should be caught in code review, so I don't think it's a big deal. Not sure what correctness features OCaml could add beyond those, but then again I've never programmed in OCaml, only Scala, so I might be wrong.
link
WJW 2058 days ago
This is perhaps the most "blub" comment ever written. There are whole classes of bugs that can be caught with more advanced type systems that the Rust type system + borrow checker will never catch. No null pointers and immutability is the bare minimum.

If you're interested, check out https://www.youtube.com/watch?v=10gSoVZ5yXY for an example of the types of compile time guarantees can be had.

link
tormeh 2058 days ago
Does OCaml have dependent types? I thought that was a Coq and Idris (and Haskell, to a lesser extent) thing.

I am aware that dependent types exist, but quite frankly I've yet to see a popular/ergonomic language implement them. As much as we'd like absence of null pointers, error types, and immutability to be the norm it is not and it will take decades until it is.

link
pjmlp 2058 days ago
You can also do it in Ada/SPARK, Eiffel DBC, F*, Dafny.
link