Doh! Rust Takes Years To Learn!
Doh! Rust Takes Years To Learn!
No, Typically Up Two Months … And About The Same As Other New Languages
The worm is turning!
C and C++ have ruled the core of our digital world for a long time and still do. But, it doesn’t handle memory well, and where we get buffer overflows (Morris Worm, SQL Slammer, and so many more) or buffer underflows (Heartbleed). This can involve a stack overflow attack, and where the program writes too much data to the stack that has been allocated for a given buffer, and for a heap overflow attack, where we overrun the memory into a space that is not allocated for a buffer.
These problems often allow adversories to write data into places that it was not intended for, or can cause an exception in the handling of the code (and thus cause a problem to act unreliable). A typical area is to overwrite memory that is allocated for other purposes, and then cause a Denial of Service (DoS) against the code — and where it just stops working.
Along with this, developers often do not clean up their variables, and so a garbage collector must come in and free up memory that is not being used anymore.
But, Rust just doesn’t allow you to do these things. It has strict checks on the usage of variables at compile time, and if you do something bad with them, it will tell you, and refuse to compile the code.
In 2015, Rust was born, and in eight short years, many of the major software companies have adopted it as the core of their systems. Google was one of the early adopters, but now joined by Microsoft who are developing their core code with Rust.
But, there are many questions … how long will it take to learn the language and will it make developers more productive? The following relates to research conducted in Google which answers these questions [here]. For this, Google did a survey of 1,000 of their developers.
How long to learn Rust properly?
First Google asked how long it took to learn Rust properly. Figure 1 shows that the majority (around 2/3rds) took just under two months to learn, and only 9% took more than four months. It must be said that most of the developers had experience of C/C++, Python, Java, Go, or Dart, before learning Rust. These figures, as Google define in their blog, are similar to the times that developers take to learn new languages — both inside and outside Google.
Google found, too, in their extensive Rust training, that many developers become comfortable with the concepts used in Rust by the second day of a training course.
Slow compiler? Yes!
And, is the compiler slow? Well, Google found that only 40% of respondents found that the compiler speed was acceptable. This is low, and it would be hoped that improvements can come forth from the community in performance enhancements.
Challenging areas of Rust?
The three most challenging areas of Rust found in the survey were Macros, Ownership and borrowing, and Asyn programming (creating message creators and consumer queues). The integration of C/C++ as unsafe code was not one of the top challenges, overall. With Google, they aim to invest time in training to cover the three most challenging areas.
The compiler error messages are amazing!
Don’t you just hate the lazy error and warning messages from C++ and Python that say very little about what has actually caused the error/warning. For Rust, it loves to give you quite detailed information and almost slaps your wrist for being a bad programmer. In the survey, only 9% of those surveyed thought that the diagnostic and debugging information is not of good quality, with most responding that the information provided was first class. Overall, it can take a while to understand the information provided by the compiler, but once you do, it all becomes so much easier to debug code.
Rust produces high-quality code
In the survey, 77% of the developers were satisfied with the quality of the code produced, and 85% thought that the code was correct. More than half of the respondents thought that it was also easy to review code. These are higher figures than would normally be expected for a programming language.
Conclusions
Rust is cool. It teaches you how to be a secure developer, and avoids the traps we all fall into. Unfortunately, most of us were educated in a world of pointers and garbage collectors, but, in fact, you can teach an old dog, new tricks.
If you are interested in learning some Rust and Cryptography, go here: