Some thoughts on Rust

November 4, 2025

I'm still learning the language (although I've taken a break lately) but in general I'm impressed. Modern features, and an interesting approach to memory management where the compiler and programmer work together to make sure every object's lifetime can be tracked by the compiler and garbage collected in real time instead of using a global garbage collector.

This also presents some advantages. Objects that allocate resources other than memory can be cleanly removed too.

The style is mostly elegant, types are inferred, support for closures and other fun things, and a lot of configuration by convention. I'm a big fan of that, and even though it takes a little time to learn how, for example, Rust structures big projects, once you figure it out, it is so much nicer than having to build Make files or the Ant and Maven equivalents.

Negatives. There are a couple, and I feel like they are showstoppers for many projects that would otherwise find Rust perfect because of its memory protection.

The first is Rust doesn't really discourage you from writing unsafe code as long as you're aware that code is not going to be checked. There's an “unsafe” keyword, and the Book (that documents Rust) is very keen on stressing that there's nothing wrong with using it. This isn't great, but it becomes an even bigger problem with the second issue: the skimpy run time library coupled with the reliance on a giant library of unverified, uncurated, third party code, called crates.io. Any crate you may import may include malicious code, and even if you trust the authors, may include unsafe code that can be exploited anyway. You really don't know. And so while it's great for personal projects, I'd feel wary of using Rust for projects that might need to run in a secure environment.

And lest you think “Oh, you're just being paranoid”, Rust's attitude towards security is such that their official installation instructions are to run “curl —proto '=https' —tlsv1.2 -sSf https://sh.rustup.rs | sh”

I really don't think security is on their agenda in the same way as, say, Sun's developers were about Java.

But... it's blazingly fast, it's enjoyable to program in, and the lack of a global garbage collector makes for smooth running.

What would make me switch to Rust as my first choice for ordinary projects would be an expanded officially supported library, that includes cryptography (TLS, etc) plus some work to make it easier to vet third party crates.

Rust has introduced some great concepts behind managing memory, and it'd be interesting to see someone create a VM that uses its memory management in place of the lisp model used by the JVM and .NET platforms. I suspect rustaceans will run screaming at the very idea, but I can think of some great applications for something like that.