If you are looking for some kind of metal panel business idea, allow me to be clear: the Rust I am referring to is a programming language.

Still there?

When I started learning programming languages I was 8 years old, the world was in different shapes and computers were more like romantic and magical boxes rather than the tools people TikTok with today.

GW-Basic and C were my first shots in computer science during the time in which memory was directly accessible - for the fun of many and the profit of others. It was so easy to perform brutal attacks on the operating system kernel via some legit constructs that those languages provided.

My years in academia have been characterized by the massive use of C (much less of C++) for back-end systems and implementing common and more exotic algorithms in computer science. Big jump ahead, the years of my Ph.D. have been characterized by the massive use of C and instructing compilers to mitigate some of the nasty issues all low-level programming languages are affected by, which is direct access to memory. Hence, issues like forgetting that you have already freed memory (double free), reading/writing beyond the limits of an array (buffer overflow), pointing and accessing invalid memory, etc. have led to some of the most serious attacks we know in the history of computer science so far.

So what does this have to do with Rust?

As a matter of fact, Rust has literally wiped off most of my Ph.D. material in one new programming paradigm. And I am not pissed at all.

My most ambitious objective (and not only mine) during my Ph.D. was to build a compiler that fixed the double free issues, buffer overflows and invalid pointers, automatically (sometimes without even informing the developer who ended up repeating that nasty bug over and over).

Rust has done just that: it has moved many of the responsibilities from the developer to the compiler (for Python programmers, the compiler is that thing you give up your flexibility and performance to, every time you write well… Python) by introducing a new paradigm of programming.

In such a paradigm it is not possible to have those bugs ever. The compiler will just refuse to continue and generate a buggy program. The more pedantic Rust compiler will definitely frustrate the developer. I don’t actually have a solution for that. Time for another Ph.D.?

Rust provides this level of awesomeness by leveraging five fundamental concepts in programming language design. Let me briefly go through each of them.

The borrow checker

Rust’s borrow checker makes sure that references (and pointers!) do not outlive the data they point to. All memory unsafety bugs? Gone. “Yeah but dude… I am losing flexibility” you say? Worry not, you can still use unsafe Rust. If you feel like you deserve that responsibility (and you better know WTF you are doing) go ahead, make your code unsafe and unlock some super-powers. The good thing is that when you have a bug (because you will, dude), you would know exactly where to look at. Remember that unsafe block you wrote and felt so proud of? Maybe you wanna look there.

Ownership

If you don’t want to tidy up your room, someone else (mum?) will have to. And that will come at a price (don’t let me go there). There is a reason why all languages based on a garbage collector are slower than those without. Guess what? Ownership is a paradigm of programming that allows Rust to keep track of memory (and freeing it when no longer in use) at zero cost. How? By changing the way programmers are used to thinking (and believe me, the way Rust forces you to think is the right way). A trivial

let y = SomeType { field: String::from("hello") };
let x = y;
println!("{:?}", y); // This will fail. We no longer own y

moves ownership of y to x. This means that y cannot be used after that statement. This simple concept allows the compiler to manage memory for you and keep your room in an impeccable state.

Concurrency

This is a big one. Especially due to the current trend and the availability of multiple cores for tasks across domains. Not only Rust makes concurrency easy (alright relatively easy - sometimes the syntax is a b!tch). The combination of ownership and locking mechanisms make concurrency fearless in Rust. Channels enforce thread isolation and data are protected by locks and can get accessed only when locks are held. This prevents one from accidentally sharing states. Data races are never possible (the compiler will just refuse to generate code that might potentially lead to data races).

Portability

The Rust compiler is built on LLVM that in turn can generate machine code for a plethora of target platforms. While this level of portability is still not as big as C/C++, please remember that Rust is only 10 years old (just a bit older than myself when I started programming, how cute?).

Speed and security

If you want a compiler to generate safe code, be prepared to give up performance. The low-level security community is aware of how much code instrumentation techniques can make your software slowdown (to the point that many prefer to trade unsafe code for performant one). With Rust, you can have both. Rust is a compiled language. The machine code that is generated can be optimized (and will be optimized even more as the compiler gets smarter) as much as the one coming from C/C++ and other compiled languages.

As for speed, a decent Rust vs C comparison can be found here and a more detailed explanation here. Just consider that comparisons should be performed between idiomatic Rust and idiomatic C. Needless to say, sh!tty code = sh!tty performance, and that has nothing to do with the language of choice.


Of course, this post does give Rust justice, as there are many more amazing things Rust can offer. While this is a language that shall definitely be considered for system programming, the community is growing at an incredible pace, populating crates.io, the repository for packages and libraries in pure Rust. I’ve to say that there is a lot of duplication and many libraries seem abandoned. I believe that’s a result of the initial enthusiasm from many developers and engineers who have been putting Rust to the test.

Despite making some of my publications - especially those about low-level countermeasures to mitigate buffer overflows - I strongly believe Rust is the language of the future. I am also contributing to some projects that utilize Rust for data processing (the stuff that people do before copy&paste Tensorflow models and claim credits) and I am looking forward to publishing it soon.

In any case, follow me on GitHub.