by nocombination 879 days ago
Honestly, after being in the software industry for a couple of decades and seeing how many times folks attempt to reinvent the wheel (for commercial or other reasons), I am beginning to sigh when I see how many language zealots there are (not you, just in general). The reality is, Rust does not need to replace everything. Nor should it be held on some kind of pedestal.

E.G. Curiosity rover is doing just fine running on millions of lines of C.

https://vdocuments.mx/monitoring-the-execution-of-space-craf...

If it's going to impact OS stability and decrease performance and portability of the humble, dependable, simple C, it doesn't belong in the core. C is better than Rust for OS development.

5 comments

The Curiosity rover might be doing ok, but the many places that have my social security number are not. I care more about the latter than the former.
Right—and maybe those places ought to install OpenBSD. https://www.openbsd.org/

Rust is not immune to security vulnerabilities. And at the end of the day, social engineering will steal more data than "hacking the mainframe". Why break in when you can just ask to be let in?

OpenBSD has a great security track record because they resist excessive change and prefer simplicity. For those who want to add Rust to the core of FreeBSD my primary question: is it really necessary? Or is it just because a bunch of Rustaceans want to?

Not solving all security issues isn't the same as not solving security issues. I'd rather my financial data be handled by software written in something that solves many whole classes of vulnerabilities than something that solves none of them.
Apart from the fact that it doesn't only solve a lot of security vulnerabilities, but also avoids a lot of bugs, by virtue of having a stricter type system and memory safety.
Remember we are talking about putting it into the core OS and overall what will the impact be on the stability of said OS. What folks here tend to describe is userspace applications which languages like Go/Java/C#/Erlang/Etc... already solve. In fact, most banks probably already use safer languages for the bulk of the workloads and it works just fine.

I want to point out one more thing: Rust is not a simple language by any stretch. It's equal in complexity to C++ (yet without decades of established "good practices"). It is much preferable to have an easier to understand core and move the complexity outward—for improved stability and robustness. The core OS by nature of what it does needs to access raw resources in an "unsafe" manner. Rust kernel code will be littered with unsafe blocks and unnecessary complexity.

> For those who want to add Rust to the core of FreeBSD my primary question: is it really necessary? Or is it just because a bunch of Rustaceans want to?

Bfha... the link is a thread by the FreeBSD devs. Stop it with this language evangelist strawman.

> Right—and maybe those places ought to install OpenBSD.

Sure.

But running on OpenBSD doesn't solve application level vulnerabilities. And sure - OpenBSD may help limit the ability of an attacker to leverage one vuln into compromising the entire system. But if the original attack was important enough, that's cold comfort.

OpenBSD? So lower scalability, limited hardware support, less features and a culture that screams "screw you" at anyone who doesn't think their world view is the only One True Way. Yeah...that'd be awesome. I mean, I'm as skeptical of Rust as anyone who's been around for more than a decade, but seriously.
It seems like this isn’t actionable for me - I don’t have much sway over people’s choice of install. Given this, I think my best course of action is to push for regulation, or for standards bodies to accelerate the transition to memory safe languages.

I don’t think it was your intention, but what you just said makes me want to applaud more heavy-handed efforts to make the switch away from C/C++.

> the many places that have my social security number

So COBOL everywhere it is. Let it be written, let it be done.

Actually it isn't susceptible to C's security flaws, and is a compiled language, with relatively good performance. :)
I doubt many C devs would be doing fine coding under the same level of quality expected by NASA / JPL programming standards and security validation.
How is this relevant to parent comment?
The C code that went into the Curiosity rover was quite expensive.
I assume you are still programming in COBOL?
Just like C, COBOL will always be with us.

> According to research, up to 850 billion lines of COBOL code are currently running in nearly 30,000 organizations, typically in critical production environments. 90 percent of Fortune 500 companies rely on it. Never has there been this much COBOL in circulation and the volume is only likely to increase for the foreseeable future.

https://www.chrly.pt/en/2023/06/14/cobol-the-immortal-langua...

It's not what you program in that matters—it's how you test and ensure quality results.
That's stupid; the language you write in has a huge effect on how you test and ensure quality results. They aren't separate things.

E.g. at one end of the spectrum you have Python where you have to write explicit tests for typos and type errors.

At the other end of the spectrum you have formal verification languages like Dafny that may not require any tests to be written.

Rust is somewhere in-between. It has a very strong type system and lots of features that make memory errors and business errors less likely than in most other languages. You still need some tests, but not as many as with C/C++, Python, JavaScript, etc.

I like that Rust tests my code as I write it.
Looks for lollipop...
The amount of budget and time you have for the whole project is finished, and in practice it's much easier for management to skip testing and QA than to reduce the scope of the project / the amount of features, hence the terrible quality that's plaguing this entire industry.
It's really hard to test for security.

It's much more feasible to be secure by construction.