I think this is weirdly resonated with me. I used moved to Rust from C for embedded programming, and realized that my whole paradigm shifted on how I write programs.
Rust is much more than safe(r) C, it is different approach of architecting apps to have safer relations between components. Now that I am looking at my old code, I see how it would benefit from this paradigm.
And it also a 'problem' with Rust - it requires one to think differently. You can write Rusty code in C, and indeed results are just better, but trying to write Rust in C style would lead to fighting compiler and suffering.
Other languages, like Zig or Go, they chose different approach - to decorate C with modern features, and that works too.
Forget safety. Using enums in Rust is sheer delight. The fact they can even contain associated data is the really powerful. That alone makes me love the language. Especially with bitfields.
It cannot be matched in in C, even with a lot of macro magic. Plus, C is way too lax with type strictness and enums.
>None of this means Rust is "bad" or that C is "better". It means they optimise for different values. Rust optimises for correctness and maintainability under heavy abstraction. C optimises for transparency and minimalism under extreme constraints.
>Sometimes you don't want a language that keeps you safe. Sometimes you want one that simply gets out of your way.
D lang is a wonderful Goldilocks in this regard between C and Rust. It has D-as-better-C [1]. There's no head scratching macro, excellent meta programming, bare metal programming and fast compile time and run time [2]. The programming syntax is very intuitive with UFCS [3].
The problem is not that {language} does or does not do or have {thing}. The problem is managers expecting the work product of coders who only half know the language that they are working in to be productionizable.
This looks like it was written by an LLM. Not complaining, because my major use of LLMs is rubber-ducking, not code-generation, and I very often get responses like this when doing repeated iterations and deep-diving into a review/comparison.
The concepts are probably the authors, but the text we are seeing is probably the LLMs.
Regardless of the LLM overtones, this is still decent content.
Okay, I like Rust, really... But, I totally agree it's not just about memory safety.
<rant>
Rust gives you: Memory safety (mostly), No use-after-free, double-free, buffer overruns in safe Rust.
It does not give you: logic/protocol/cryptographic correctness, supply-chain integrity, side-channel resistance, malicious dependency immunity, auditability, reduced attack surface, or reduced complexity.
In other words, Rust solves one class of bugs extremely well. It solves none of the hard ones.
I get it, memory corruption bugs are Loud, measurable, easy to point at, and easy to sell to management.
That's why they dominate the narrative.
My biggest issue/concern is the dependency explosion problem.
Classic C Example:
- ~N lines of code
- A small number of carefully curated libraries
- Mostly static linking
- Painful to write
- Painful to maintain
- Possible to audit
Rust rewrite:
- Core project +
- 50 direct dependencies +
- 300 transitive deps +
- 900 crates total +
- Thousands of maintainers you have never met +
- GitHub accounts that may disappear tomorrow +
- Build scripts executing arbitrary code at compile time
Security claim: "Memory safe!"
Reality: Attack surface inflation by 1–2 orders of magnitude
You've traded:
"I might screw up a pointer"
for:
"I trust a thousand strangers, their CI pipelines, their update hygiene, their threat models, and their long-term incentives."
...
Rust’s memory-safety guarantees are genuinely valuable, especially for new development. Where I become skeptical is when a rewrite significantly expands the dependency graph. At that point, the security model shifts from "local reasoning enforced by the compiler" to "transitive trust in a very large supply chain". That trade-off isn't always acknowledged, and in some contexts, especially high-assurance systems, it deserves more scrutiny.
Yet another Rust article that ignores the choice among memory safe languages, including the ML linage that inspired Rust's type system.
The only reason to pick Rust instead of one of those, is exactly because the memory safety without GC that it offers, when any form of automatic resource management, be it in whatever form, is not possible, or welcomed by the domain experts.
The choice between Rust and C-derived languages is not only about memory safety
(bbuyukliev.blogspot.com)45 points by bluetomcat 12 December 2025 | 19 comments
Comments
Rust is much more than safe(r) C, it is different approach of architecting apps to have safer relations between components. Now that I am looking at my old code, I see how it would benefit from this paradigm.
And it also a 'problem' with Rust - it requires one to think differently. You can write Rusty code in C, and indeed results are just better, but trying to write Rust in C style would lead to fighting compiler and suffering.
Other languages, like Zig or Go, they chose different approach - to decorate C with modern features, and that works too.
Even when I need what C does "well" from the author's pov I can just wrap my code in a big unsafe {} in Rust.
I still get a bunch of things from the language that are not safety- but ergonomics-related and that I would't want to miss anymore.
It cannot be matched in in C, even with a lot of macro magic. Plus, C is way too lax with type strictness and enums.
>Sometimes you don't want a language that keeps you safe. Sometimes you want one that simply gets out of your way.
D lang is a wonderful Goldilocks in this regard between C and Rust. It has D-as-better-C [1]. There's no head scratching macro, excellent meta programming, bare metal programming and fast compile time and run time [2]. The programming syntax is very intuitive with UFCS [3].
[1] Better C:
https://dlang.org/spec/betterc.html
[2] Ask HN: Why do you use Rust, when D is available? (255 comments):
https://news.ycombinator.com/item?id=23494490
[3] Function:
https://dlang.org/spec/function.html
The concepts are probably the authors, but the text we are seeing is probably the LLMs.
Regardless of the LLM overtones, this is still decent content.
<rant> Rust gives you: Memory safety (mostly), No use-after-free, double-free, buffer overruns in safe Rust.
It does not give you: logic/protocol/cryptographic correctness, supply-chain integrity, side-channel resistance, malicious dependency immunity, auditability, reduced attack surface, or reduced complexity.
In other words, Rust solves one class of bugs extremely well. It solves none of the hard ones.
I get it, memory corruption bugs are Loud, measurable, easy to point at, and easy to sell to management.
That's why they dominate the narrative.
My biggest issue/concern is the dependency explosion problem.
Classic C Example: - ~N lines of code - A small number of carefully curated libraries - Mostly static linking - Painful to write - Painful to maintain - Possible to audit
Rust rewrite: - Core project + - 50 direct dependencies + - 300 transitive deps + - 900 crates total + - Thousands of maintainers you have never met + - GitHub accounts that may disappear tomorrow + - Build scripts executing arbitrary code at compile time
Security claim: "Memory safe!" Reality: Attack surface inflation by 1–2 orders of magnitude
You've traded: "I might screw up a pointer"
for: "I trust a thousand strangers, their CI pipelines, their update hygiene, their threat models, and their long-term incentives."
...
Rust’s memory-safety guarantees are genuinely valuable, especially for new development. Where I become skeptical is when a rewrite significantly expands the dependency graph. At that point, the security model shifts from "local reasoning enforced by the compiler" to "transitive trust in a very large supply chain". That trade-off isn't always acknowledged, and in some contexts, especially high-assurance systems, it deserves more scrutiny.
</rant>
The only reason to pick Rust instead of one of those, is exactly because the memory safety without GC that it offers, when any form of automatic resource management, be it in whatever form, is not possible, or welcomed by the domain experts.