Rewrite-it-in-Rust has become a moral imperative. Well, here’s a moral argument: throwing away serviceable computers every couple of years to upgrade is a privilege that not all of your users have, contributes to climate change, and fills up landfills. As far as security is concerned, some matters demand leaving the norm: old hardware is the only kind that can avoid proprietary firmware blobs, Intel ME or AMD PSP, and UEFI. Novel hardware which addresses issues like microcode and open hardware, like POWER9 and RISC-V, are also suffering under Rust’s mainstream-or-bust regime. Anyone left behind is forced to use the legacy C codebase you’ve abandoned, which is much worse for their security than the hypothetical bugs you’re trying to save them from.
Source: Drew DeVault’s blog
As someone who almost exclusively uses older hardware I am extremely annoyed by developers and system administrators who tell me I need to switch out my hardware every 3 to 5 years for the sake of convenience. It’s a very entitled position to take and it got me annoyed enough to go on a little twitter rant about it. If your old hardware works it should be used for as long as possible. You don’t need a server with an AMD Epyc CPU with 1 TB RAM and multipe SSDs with ZFS to… run a simple WordPress blog like this one.
I certainly don’t have the money to develop software in Rust-recommended hardware, which can also double as gaming hardware with the addition of a nice GPU.
How about a memory safe language that can run on “old” or “slow” hardware of the sort that is most often used outside of the US and Europe? If you were to listen to these people they’ll tell you it can’t be done.