Some readers seem to be getting thrown by the casual tone of this article. For those struggling to not rage my two takeaways were:
* Automated checking of rusts std lib could improve rusts security
* Don't use unsafe if you don't need it
* Releasing a fix for a security vulnerability should be complemented with a cve if you want people (such as anyone using Debian) to not still be vulnerable two years later
Note: despite the initial slant, the author is very pro rust.
I wouldn't even say the initial slant is anti-Rust. To me it reads as "Rust wants what I want, which I appreciate, and that is exactly why I won't go easy on it". Yes, the title is click-baity, but author also immediately acknowledges that "unsafe" is a necessary compromise:
> But dealing with those things is necessary to run code on modern hardware, so something has to deal with it.
The main point is that "unsafe" is the weakest link in the language, since it bypasses the safety guarantees of Rust. Therefore it needs solutions outside of the language (in the form of how bugs are handled, and programmer culture) to minimize the risks it brings.
* Automated checking of rusts std lib could improve rusts security
* Don't use unsafe if you don't need it
* Releasing a fix for a security vulnerability should be complemented with a cve if you want people (such as anyone using Debian) to not still be vulnerable two years later
Note: despite the initial slant, the author is very pro rust.