i am engaged to Rust
Vložit
- čas přidán 22. 09. 2023
- Why would I use Rust? Why would I choose Rust despite the problems with the Rust foundation and all the other baggage with the language? It's because I think Rust has potential that not a lot of people can see. Rust is the future, lets talk about why.
🏫 COURSES 🏫 Learn to code in C at lowlevel.academy
📰 NEWSLETTER 📰 Sign up for our newsletter at mailchi.mp/lowlevel/the-low-down
🙌 SUPPORT THE CHANNEL 🙌 Become a Low Level Associate and support the channel at / lowlevellearning
🛒 GREAT BOOKS FOR THE LOWEST LEVEL🛒
C Programming Language, 2nd Edition: amzn.to/3OKh3q2
C++ Crash Course: A Fast-Paced Introduction: amzn.to/3qdZILK
The Rust Programming Language, 2nd Edition: amzn.to/3MHaS36
🔥🔥🔥 SOCIALS 🔥🔥🔥
Low Level Merch!: www.linktr.ee/lowlevellearning
Follow me on Twitter: / lowleveltweets
Follow me on Twitch: / lowlevellearning
Join me on Discord!: / discord - Věda a technologie
Rusty Relationship
UNDERRATED
The Rust logo seems more orange than usual, you will hear from their lawyers
- This wedding is NOT endorsed by the Rust Foundation. - 🤵🧡🦀
Ha. Rust trademark😂
still can't believe their so flagrantly violating the dreamberd trademark like that.
Languages come and go but C is always there.
it may take some time but I think rust and c will grow old together
C will never die
That's because one needs a macro-assembler that's barely a programmer language from time to time to do shit with microprocessors.
@@maxscott3349 It will, after the Von Newman architecture of stored program.
I use c and Linux, that's just best. 😌
Please keep the security researchers employed by writing C.
I left my wedding present on the table of wedding presents.
Sorry, on which table? I accidentally dereferenced your bank account
"I like to look at this as 100% of all malicious vulnerabilities are caused by bad coders"
- C dev
and 100% of all programmers become bad coders at some point during certain nights working on important code
You are a good programmer today, bad programmer tomorrow.
@@puffin_000 I thought you became a bad programmer the moment you used C to begin with.
What about zig? It's basically improved c.
- easier to learn than Rust
- has inbuilt bounds checking
- has inbuilt integer overflow checking
- has a defer command that frees memory automatically when out of scope
- no need for header files, you just "include" the other files you want and no need for the "extern" keyword
- no need to learn cmake and it runs in one command
- It can compile c and c++ programs and even include c code in zig projects.
I personally found zig 10x easier to learn than rust
Rust is only 17 years old
👀
@@LowLevelLearning FBI, open up!
Sus
That’s legal in many states 😂
its 18 now
Really like your last few videos, good job 👏
Thanks! 😃
I'ma possibly just go ahead and marry zig.
Quick question for those really knowlegeable about Rust safety features. We can 'see' in 'theory' that Rust is safer. But what about in practice? Does the average Rust program end up being safer to attack and so on than an average C program? I'm asking this from an empirical point of view, do we have any proofs, studies, surveys, etc.?
Proofs ain't empirical. They are inherently theoretical. You MAY proof something using statements obtained via empirics, but the proof itself is still theoretical, and it will state something with a propability in the end. It's not what you're asking for.
Surveys? I mean, look at the market for a survey. Plenty of the large corporations have already or are in the process of adopting Rust to replace C(++) stacks, after initially dipping their toes with smaller projects. Also plenty of projects that need a secure base, such as cryptography libraries, have adopted Rust despite disadvantages (such as compatibility, C code is usable in more devices).
Also, why are you asking this question at these "knowledgeable about Rust safety features"? That implies knowledge about the theory, not empirical knowledge.
As someone familiar with the theory. There sure are gotchas. There always are. Such as using C libraries. Contrary to what some people may state, noone wants to rewrite everything in Rust, at least not in the foreseeable future. So you will end up using C libraries / parts in most Rust projects (I mean POSIX is a bunch of C APIs). And if that library has a memory error, or isn't documented correctly, or if you did not read it's documentation properly, then you can easily have safety issues. Or of course, sometimes it's unavoidable (e.g. to hit performance targets) to use 'unsafe' code, which is actually slightly less safe than writing C code. But usually you localize that in a few spots.
Check out an article from Google titled "Memory Safe Languages in Android 13 ". Excerpts "While correlation doesn’t necessarily mean causation, it’s interesting to note that the percent of vulnerabilities caused by memory safety issues seems to correlate rather closely with the development language that’s used for new code." and "To date, there have been zero memory safety vulnerabilities discovered in Android’s Rust code."
In 2022 Google released a blog about the safety of using Rust for low level code in Android called "Memory Safe Languages in Android 13"
At the time, there were about 1.5 million lines (not sure if this is in the entire low level code base) of Rust code, which is about 21% of the native code.
In all of that, a total of zero memory safety vulnerabilities were found, while in C or C++ code more than 1 vulnerability gets found per 1000 lines of code, meaning the Rust code would be expected to have 1500 bugs.
Also, the total amount of vulnerabilities caused by memory safety went from 76% to 35%, but it goes down every year so that doesn't mean that much (but it went down significantly more than last year).
I think this shows pretty clearly how effective Rust is, and you can read the blog yourself if you want more detail.
Not 100% numerical but were seing a thrend of attackers using rust to write their malware since A) its harder to reverse engr since Rust is less well known B) its safety features have meant overall more relable malware
So theres like a real world applied example , it doesn't answer "how much" but i think we can say that it's resonable to assume that it has value in practice
I think you can't write the traditional exploitable buffer overflow weak spots in Rust unless you explicitly use unsafe, which is rarely used, if at all ever. I have never used unsafe except when external library wants me to call unsafe functions. The important safety feature for me is being safe from crashes caused by idiotic memory bugs during runtime. Going from C to Rust is comparable experience to going from typeless language to typed language, you'll save time by catching more errors during compilation phase.
It would be nice if Rust truly becomes a widely used language. I would love to use it in my daily job someday.
"It would be nice if Rust truly becomes a widely used language"
I thought it already did. Maybe because rustaceans make believe it.
@@IBelieveInCode me tooo
i blaim the primeagin and all new OSS projects...
Search for the right job. I am developing in Rust as my daily job :)
@@IBelieveInCode It aint going anywhere naming yourself as a "rustacean"
@@eckelfresh 🥲 where are you working and how can i apply?
I'm with you! Good video!
If the saying that “A language that doesn't affect the way you think about programming is not worth knowing.” then Rust is TOTALLY worth it, besides it is used or not.
I would love to hear your opinions about new languages/projects comparing it to Rust specifically: what do you think about Zig, Carbon, Project Verona and, specially, Vale Language by Evan Ovadia?
I don't think we can count on Project Verona yet, it's still in research stage.
Same with Carbon, it is still in experimental stage.
Zig is interesting though, D lang aswell!
And even if Rust itself doesn't "catch on", its concepts definitely will
I saw the C++ diss coming a mile away and it still was glorious.
As my professor said one day: "You will die but C will live"
it took me an hour to init an array with bigints, top tier language right there!
Excellent, give use some more wonderful Rust content :D
I'm so happy for your decision
I have started my low level journey with C since I want to do embedded and basically the entire embedded scene is in C. Once I feel comfortable I’ll have a look at Rust and will probably use that too.
Check out zig for embedded!
That’s a good way and I think it’s better than learning rust from the start. I think you have to fall on your nose with C a few time to actually learn what rust really is about. Otherwise you just wonder why they put so many obstacles on the way
I kinda agree with this take, but don’t artificially lock yourself in. Do some Rust if you’re curious. You can always come back to things later. There’s no need to exclusively master something before allowing yourself to explore what else is out there.
Makes you a better C programmer too.
That's 100% true. I've only dabbled in Rust but there has been a noticeable shift in the quality of my C code compared to before I checked Rust out.
I'm a bit sceptical about Rust actually replacing C. I believe a memory safe, but simpler, language is going to be needed for that (think Rust borrow semantics on a Go-like language). But as it stands, Rust definitely helps you be better at memory management even in other languages.
indeed, rust is the greatest language for writing code. It's synthax makes you learn programming deeply. For example all asynchronous actions in any language is like a future trait, any risky action returns either ok or error result, which is exist in rust by result type, and if you want to make something optional, there is a type named option exist in rust. Making error handling mandatory even minimalistic way is also very good thing because if you make some mess you have to clear it and it's better if it's early.
Writing rust is revolutionary thing relative to other languages that exist. Sometimes it can be rusty but, you cannot make rainbow without rain!
Wow what a comment, and the bottom line really rocks
You could also betray Rust with Zig.
The shirt he's wearing says "Expert" programmer in a certain way, not really expert, but still expert.
tcc -b tells you when memory corruption happens before it causes problems.
Can you please give us your thoughts on what will be the future of zig, in a Rust world
Curious what your opinion is on Mojo. (Maybe a video ?) I understand it implemented its own borrow checking and similar memory safety concepts into its design?
Reading their site it screams "give us investor money plsss" The whole thing is basically conjecture, jargon, and fluff with no material on what it actually does, how it improves anything, and legitimate benchmarks. They are also closed source which is extremely big red flag with only a "trust me bro" on when they'll give source.
I wouldn't touch the language with a 50 foot pole.
I laugh so much when he described C lang :D
The thing is, all languages try to solve the security problems of C by simply not allowing you to do what you can do in C. That is why it is so difficult for someone get engaged to a new language that does not allow you to do things that your ex did allow you to do, if you know what I mean ¬¬
Isnt rust a c++ replacement and zig a c replacement?
GO > C++, Zig > C, Rust cant be compared
Question: What's a good project to experiment with and learn some low-level programming? I'm hoping to repeat the same project with C, C++, Rust, and Zig to see how I like each of them, explore their strengths and weaknesses, and then choose 2 (probably one old and one new) to keep learning with.
Any thoughts on a good option? Thanks.
Write a compiler/interpreter
I've been doing C and Assembly and trying to automate real world math that I have to do a lot of. It's a lot more "fun" trying to reinvent optimized solutions for things like parsing strings. I've been fighting with inputting and outputting mixed fractions for quite a while now
you can rewrite some basic command line utility in all of your languages of choice
another great project for any language is advent of code. you won't interact as much specifically with the low-level stuff there, but there are a nice variety of tasks
@@asdfghyter Yeah, I was thinking of practicing Zig and C# with that, but I could just do all 4 languages I mentioned. That might be good for feeling them out in a variety of use cases, because they're probably more/less suitable to different tasks and contexts.
Interesting take. What about older programs that are running fine for decades using C (not C++) and when there is no one around that has Rust knowledge? And what about alternatives like Zig or Odin which seem to have an easier learning curve?
Damn she is beautiful ❤
pedo
Pure love ❤ can I borrow it? 😉
no
@@khanra17 Just clone her XD
Just type "sudo pacman -S rustup", but sshhh, dont tell him
This man singlehandedly reignited my interest in low level programming
same
Well I think that Rust is like the new Pascal, where C is Fortran, Zig C#, Java VB and VBA just TypeScript. So, it'll be used unless memory is not abstract.
I am learning c pp . should i check rust ?
Great video. :)
from the thumbnail on my phone, that chain looked like a stream.
I know it's a joke and I hope everyone takes it the same way, and this probably goes without saying, but still, don't marry someone for their "potential", marry them for who they are, as they are. If you go into something like marriage with your attachment or love being conditional on them becoming this certain version of themselves that YOU have in ur mind, u're just setting yourself up for disappointment and don't have anyone else to blame really. Plus u're being a major jerk to the other person:)
Good luck with Python then
Then if we write everything in rust, every malicious vulnerability will be because of logic bugs, authentication errors, crypto errors, SQL injections, CMD injections... right?
Yes, nearly. And we will have successfully reduced the number of vulnerabilities by 70%, or in other words, over 3 times.
@@hottoniapalustris1541 That's complete bovine excrement and if you were wiser you'd know it.
Actually using rust there are some amazing SQL libraries that also completely destroy any possibility of injection as well, like with many other languages tbh. So cross those off too
And thanks to enums (which you should be using instead of piles of bools) logic errors are (almost) impossible as well
@@DissyFanart That's just propaganda. Stop it.
Yes, and we also lose access to the thousands upon thousands of custom written libraries that only work on other languages. Have fun reimplementing LibTorch in Rust since it’s only in C++
Honestly, I love Rust becase cargo. Python and C are a nightmare when you want to use libraries.
Pip?
@@backendtower6580 yeah why make anything cool when you can spend months on your own library that will be used once
@@backendtower6580or just use rust
Write everything yourself is how you reintroduce heartbleed
@@backendtower6580 omg you're a genius!!! why has anyone thought that???
@@Miles-co5xm Venv is the bane of my existence. Especially after Ubuntu 23.
The thing I can't get over is the runtime bloat.
I'm gonna keep it platonic with Rust, C's been there for me.
i think, the problem with C is that there is no way to protect memory or a standard way to make arrays, if C has standard way to make true arrays, memory protection checks and closures, it would be the best programming language
What do you mean true arrays? What consists of a true array? Since my time using C89 I always thought the [] standard was a true array?
@@zeektm1762probably dynamic, like std vector? you can create your own with malloc but there's no like a standard way
What do you think of Zig? Couldn't the same be said about it.
What about your opinions on Odin and Zim?
How do you see zig doing in this space? Does it give you the freedom of C with better safety? Would that make it more approachable than rust?
yeah Zig is basically C but safer, easier to write and with more modern features. Like zig does bounds checking, makes overflow and underflow explicit, memory allocations are explicit, pointers cannot be null, so you have to use optionals, you have language support for tagged unions (aka sum types), everything is an expression (like in rust), etc.
It's easier to learn than rust for sure, as it's not as different as rust, but rn there aren't as many resources for it and it's still a WIP language, so I wouldn't recommended to people that aren't willing to put up with the rough edges and the lack of documentation.
I think zig is better in this space since "unsafe" zig is safer than _unsafe_ rust. For low level programming in rust you need to use _unsafe_ a lot. Also you likely need to use C libraries and zig is far better at doing that than rust.
@@notuxnobux
Rust unsafe is directly the freedom of C to do whatever you want, but if you're 99% of programmers, you aren't ever going to have to touch it, so it's fine being that way. The only people who are using it are, like you said, the super low level library devs, which are on average more knowledgeable than the rest on that specific area of programming, at least I'd hope.
I think rusts unsafe being... unsafe. Is good, people should be testy around it when they're using it, because you removed the guardrails. If they tried to make unsafe safer it would undermine the point and imply more people should be (or need to be) using it tbh
@@notuxnobuxIt really depends. You're generalizing but I'm not sure it's a good generalization. I've been working on a significant embedded Rust project and my own use of unsafe amounts to about 3 lines of code, all trivial, and the only C library in sight is a proprietary heart rate algorithm in a static .a file.
Cool video! I do like it overall - the whole sizing them up as commodities analogy is fine until it gets to being like "y'know, the way we size women up as commodities, right boys?" Like that's kinda understood as normal and okay in some circles but fwiw as a woman engineer it gave me the ick. Maybe it's in character and I missed something. 🤷♀️ But it does seem to have resonated with some of the audience 😬 lol
Well, from my naive perspective anyway, we already seem to be past the point where most systems are so secure its easier to go after the people (social engineering), but, rust does probably streamline the generation of secure code. Funnily enough, I like it for the syntax and no oop, but safety is good too.
Beyond that, having memory-safe code prevents bugs with memory which is a massive massive massive plus
@@cycliii What I mean is you could check your own borrowing in something like c, rust just automates this process (which is good of course... less human error) and that pros are probably already following safety promoting principles (though again, not error free). Probably more of a (drastic) reduction (rather than an absolute stop), since you're still free to make memory errors at the very least in unsafe...
I also have a crush on Rust’s Option 😘 can’t wait to unwrap my boxes
You don't monad do you ? X) Perhaps you should take a look about category theory, monad and railway oriented programming. It will make your code elegant and easy to understand
@@fabricehategekimana5350 thanks! Will definitely check it out!
Im not to big of a fan of using Rust as I think it is cumbersome to use(I prefer C++) and ugly to look at. However from an objective point of view Rust is far superior to both C++ and C. It has an Ocaml style module system, sum types, pattern matching, traits(similar to Haskell typeclasses), memory safety, great support for functional programming and a very powerful macros system that beats both C++ template system and C macros. An interesting thing about Rust is that it seems that it attracts a totally different type of programmer than C and C++. C seems to be for Unix guys, C++ for game developers, but Rust seems to be attracting people from the dynamic programming languages like python and javascript.
On the contrary, I think C++ is cumbersome to use and ugly to look at, especially modern C++. Rust's syntax and idiosyncrasies can get a while to get used to, but once you do everything makes a lot of sense, and going back to C or C++ feels like shooting yourself in the foot.
want to hear the tsoding rebuttal heh
what would you choose between rust and golang for job security?
either one. both have growing market penetration, just different use cases.
What's wrong with malloc from the heap?
maybe saying that googles estimate of 70% applies to all code in the entire world is a little misleading? its just one example
I don't think it's valid to call a statistic, even if it's been reduced to a single number, which was calculated based on data from thousands of projects, "just one example".
@@peter9477 still one source that comes from one company's code (which is largely proprietary)
In Rust we trust!
Heyy man, I am about to enter into the world of electronics engineering, what programming languages do you recommend to have a good grasp of and will be required?
for electronics engineering, probably C and the assembly variant of the platform you'll be working on. Likely ARM.
@@LowLevelLearning so rust or c++ won't be required?
@@dibyojyotibhattacherjee4279Actually electronic engineering also learns C++ because C++ is an extension of C. Usually you learn C and assembly in your first half of your first year, then you learn C++ in your second half of your first year.
@@dibyojyotibhattacherjee4279Most likely, no. C and assembly are perfect. Everything else is just another way of doing what C and assembly are already doing
Kinda depends on what your more interested in if you want to do any fpga stuff vhdl and or verilog
how about a video explaining the pitfalls of C and how rust overcomes it?
Why is the merch closed?
maybe a dumb question but.. if you write a sublime piece of software and its running safely on a system somewhere, allong side a crappy piece of C i threw together years ago, that needs admin rights or root permissions to work properly and is thus ran as such ... (and yes not by me perse but currently the world is filled with these pieces of code , i prolly dont have to mention that half the bussiness world still runs on cobol and they cant find programmers that can convert it anymore) so as long as they do exist and are used , and they will for a long time , is the extra effort in writig rust and safe code not futile , my dumb tool might just be there to something stupid but if i can get it to change the memory of your program , the cpu is not going to stop it so ...
I can C the light. 😉
if you make RUST course, i will enroll to lowlevel academy..
Haskell gives you memory safety and a decent amount of logic safety...
Of course, maybe not quite the best pick for bare metal! (Though you technically could code an operating system in haskell if you really wanted)
the lovely thing about rust is that it has taken many of the best parts of haskell's type system, so you can use a lot of the same techniques to get logic safety in rust as well
True stuff
From your perspective, it make sense
From software engineer perspective that is rushed by military or corporates, Zig make more sense
¯\_(ツ)_/¯
zig is not even stable. i dont see ho it makes more sense from any perspective
4:06 - for-C-able future hahahahahhahahhahahahaha. so funny
Your views on GO programming language..
If possible need a separate video.
What about zig?
zig gud
Doesn't solve the problems Rust solves, and it isn't trying too. I see zig trying to be 1 to 1 replacement for C, while Rust is trying to be something different.
👀
@@jonnyso1How is it just replacement for c?
I has a whole toolchain and standard library for Zig. And just bcoz it has compiler to c and c++ doesn't mean it is just replacement for C.
Just bcoz Rust has memory safety doesn't mean Zig doesn't solve it, it solves it by memory code not being complicated during implementation and being simple.
@@LowLevelLearningthanks for the automatic translation google
I *love* C.
In the list of languages that I love, only Python comes a close second to C and the others are waaaay far behind. C++ is not even in the list.
But I have no production level C code and am not aware of the many ways a C program can be memory un-safe.
Will it be impossible for me to realize the ways that Rust is safeguarding agains that? Will I be able to appreciate a Rust quirk that's because it's forcing me to write safer code?
الف مبروووك يا كبير ❤️
ربنا يهدي سرك ويرزقك الذرية الصالحة امين يارب
مش عارف إذا بضحك أو لاء 😂😂😂
dah ebn 3ammak walla eih bezzabt?
Can it will be future programing language of Backend developer ?
I see what you are trying to do here. Just learn programming, don't get overwhelmed by languages, language is just a tool, like a hammer. Choose the language that looks coolest to you (please not python) and do projects in it
Well as a backend developer who already builds backends in rust. NO because its currently already one. Actix is my current favorite framework for it
@@alang.2054 Yeah you are right but am already MERN stack developer in a company.. asking just for curiosity.
"C lets you do whatever you want", well i think that's the reason I'm still married to C.. 😅😅
you're good, learend some new things :) thanks
C is portable Assembly, it makes no sense to fix C, as it lets you do everything you need to bring up your computer to a usable state.
Well I'm learning Solidity, might as well go all in and learn Rust as well. 🤷🏾♂️
Consummating that marriage with a rusty trombone
rust is nice, but c3 is interesting to me. once i finish writing my pong clone in assembly language (it's a dare), i'm gonna do something with it.
Try zig also, it's amazing
If i was able i would learn machine code itself, faster and more accurate i belive، already encrypted because so many people dont know machine code atleast semi-encrypted programmers would decrypt...
"If you write unsafe rust, rust is going to be unsafe"
But I'm a C programmer. The only way I know to write code is unsafe.
@Low Level Learning Check RTIC - Real-Time Interrupt-driven Concurrency.
Zig: Consider getting a prenup.
waiting for zig to finally be >18
why does it feel like i'm starting to understand this?
The biggest problem in Rust for (CS) students to me is that it's awful to study data Structures and Algorithms with it.
Yeah Rust is a terrible language for toy programs, because it demands so much perfection.
Oh yeah, few weeks ago I tried to implement b+ tree in Rust, fought the borrow checker instead. And just wrote it in c++ using raw pointers. Sometimes it feels like smart pointers can't always work flawlessly with complex ownership models
Yeah, if you're learning data structures then it is definitely easier to use a literal language like C or C++. Even Python would be a better choice and Python sucks.
Which is kinda funny because everything it forces you to do and think about, you should be doing and thinking about in any other language anyways. You just don't need to memorize it lul
You'll have to put all of your data in flat arrays and perform the algorithms using primitive number values that point to the data array. Combine that with enums for representing states of a tree for example and you'll get a nice, clean and fast program. This way you can write every algorithm. Perhaps not the best idea to start learning the basics compared to something like C# or Kotlin where you can twist references how ever you like to help you model and understand the algorthms more directly without any additional cognitive overhead from the language.
Came from Primeagen. Dope.
Singing "Ooo I need a dirty woman. Ooo I need a dirty girl. " 😅
"I am just a new boy, Stranger in this town..."
2:06 that's a kde wallpaper
@1:41 yeah Eminem's been real quiet after this...
What about zig, is zig memory safe ?
no
Yay
Mattell will be inspired to build Barbie-fembots with a rust core os ... Can haz?
Can you write Lua interop in rust?
yes
what do you think about golang
iz good
Corruption! Here's why called Rust. Now I get it.
I need that shirt lol
As much as I like rust part of me feels like in 10 years people are going to be like "oh god it's written in rust" like you do with java these days.
you can't have authentication errors if you don't have authentication
Ahh i am too late, rust beat me to it...
3:28 Can I not say the same about C? Is it because unsafe rust is safer than unsafe C?
i wouldn’t say its safer because both offer low level memory manipulation. the difference is in rust you can mark unsafe code as unsafe (assuming you know what youre doing), while in C, all code is generally considered unsafe due to the points mentioned in the video. safe rust avoids many problems present in C.
1:36
XD