Alice Ryhl
And I really think this pattern just, everywhere you look, you have this kind of thing again and again that, oh, if you messed up, either it won't compile, or at the very least there's a lint for it.
They just catch a lot of cases at compile time.
So here I actually think it's even stronger.
The thing with C++ is that if you make a mistake, in JavaScript maybe you take down your server, which is already bad enough.
But in C++, when you make a mistake there, now it's actually a security vulnerability most of the time.
If you do something as trivial as you did an off by one in your array or whatever it might be, that's a security vulnerability.
And this just keeps happening.
Small mistakes become security vulnerabilities.
And in Rust, so Rust is memory safe, right?
I mean, we talked a bunch about different ways that Rust is more reliable.
We didn't even touch on memory safety.
Memory safety is this idea that no matter how stupid the code you write is, it's not going to have a certain class of bugs.
And this is the kind of bug that usually leads into security vulnerabilities.
You know, the kind of thing where you read past the array and you just look at random memory.
Or you destroyed an object and then you used it afterwards.
So now you actually touch the memory of some other random object.
The classic example in the kernel is, let's say you have some object and you manage to make it so that the object that's actually there, because the original object is gone.
So the memory got reused, and now it has a task struct, it's called.
And that's basically your process.
And it has a field called user ID.