"Rust makes it impossible to introduce some of the most common security vulnerabilities. And its adoption can't come soon enough...." [A] growing movement to write software in a language called Rust is gaining momentum because the code is goof-proof in an important way. By design, developers can't accidentally create the most common types of exploitable security vulnerabilities when they're coding in Rust, a distinction that could make a huge difference in the daily patch parade and ultimately the world's baseline cybersecurity....
The language has been steadily gaining adherents and now is at a turning point. The Rust Foundation was formed by Microsoft, Google, and Amazon Web Services in 2020 in order to sustain and grow the language. The first steps to implement Rust support were taken last month. Dave Kleidermacher is the vice president of engineering forAndroid security and privacy. Many engineers are wondering how they can start doing this after investing in Rust. This is wonderful.
By writing new software in Rust instead, even amateur programmers can be confident that they haven't introduced any memory-safety bugs into their code.... These types of vulnerabilities aren't just esoteric software bugs. Research and auditing have repeatedly found that they make up the majority of all software vulnerabilities. So while you can still make mistakes and create security flaws while programming in Rust, the opportunity to eliminate memory-safety vulnerabilities is significant....It will be a lot of work, but the tech industry has a lot of money and talented programmers. Josh Aas is the executive director of the Internet Security Research Group, which runs the memory safety initiative Prossimo. Problems that are a lot of work are good.