back to article In Rust We Trust: Microsoft Azure CTO shuns C and C++

Microsoft Azure CTO Mark Russinovich has had it with C and C++, time-tested programming languages commonly used for native applications that require high performance. On Monday, Russinovich urged the technology industry to leave C/C++ behind. "Speaking of languages, it's time to halt starting any new projects in C/C++ and use …

      1. Kevin McMurtrie Silver badge

        Not a language, but a website: Stack Overflow

      2. Anonymous Coward
        Anonymous Coward twentieth century!


        Actually you are talking about the DESIGN of the application being faulty. Yup.....I agree.............

        ............but that ship sailed long ago with the so-called "Agile Manifesto"........... place of DESIGN we now have an incrementing wall of yellow stickies with "user stories"! twentieth century!!

        ......and, of course, Rust is a long, long, long way from solving this recent problem...........

    1. LionelB Silver badge

      Steady on. I take pride in writing good Fortran (in C).

  1. Version 1.0 Silver badge

    Rust fixed that for you

    The PHB has had it with C and C++ because he never could write anything that worked.

    1. Paul Herber Silver badge

      Re: Rust fixed that for you

      The PHB has had it with C and C++ because he never could write anything that compiled.


    2. david 12 Silver badge

      Re: Rust fixed that for you

      Mark Russinovich (acquired by MS by buying out his company) has more programming credential in his little toe than most programmers acquire in a lifetime.

      Even his wikipedia biography doesn't do him justice: 20 years later, his Winternals utilities are still in use.

      1. Anonymous Coward
        Anonymous Coward

        Re: Rust fixed that for you

        He is incredibly knowledgeable about programming in general and the Windows internals in particular. He co-founded Winternals and wrote the sysinternals suite. Microsoft bought Winternals basically to acquire him. He has since moved on to become the big cheese in Azure.

        The Sysinternals suite and his technet columns are invaluable resources.

        On top of this, he has also found time to become a successful novelist as well as writing multiple non fiction books about coding and contributing to several IT magazines.

        If you think you know more about software development than him, you are probably wrong.

        1. Auntie Dix

          Re: Rust fixed that for you

          Mark is awesome.

          His friendliness, intelligence, clarity, wittiness, kindness, etc., are truly intoxicating. Every time that I have interacted with him, I have felt both fan-boy exhilaration during the engagement and fan-boy sadness at parting.

          I wonder sometimes how much more forthright he might be if he were not bound by Microsoft. I wonder, too, how much better Windows and the rest could have been if he had been in the right places at the right times.

      2. Someone Else Silver badge

        Re: Rust fixed that for you

        Mark Russinovich (acquired by MS by buying out his company)Bjarne Stroustrop has more programming credential in his little toe than most programmers acquire in a lifetime.

        Even his wikipedia biography doesn't do him justice: 20 35+ years later, his Winternals utilities are the language he created is still in use.

        There. Won't say FTFY, but submitted without snark.

        OK, maybe a little snark...

        1. bazza Silver badge

          Re: Rust fixed that for you

          I'm old enough to remember C++ being a source code translation into C. It's always been a thin OOP veneer on top of C, and for it's time was pretty good.

          The thing is, time was up the moment someone had the idea of a system language that knew about memory safety in its syntax.

          I know he pointed out that modern C++ can be pretty safe, but if one were restricted to only that modern subset you'd be wondering why it was called C++ at all, given that you'd have to rewrite a lot of one's code to comply with just that subset.

  2. Henry Wertz 1 Gold badge


    "Rust, designed by as a hobby by Graydon Hoare"

    He must really know how to party -- making a vaguely C-like language but with a compiler that gives errors if you do memory-unsafe or thread-unsafe activities? I mean, I'm a programmer and nerdy and I still find this to be a rather dull hobby 8-)

    Anyway.. I really don't think this is a bad idea. I prefer Python but for the types of programming that should be done in C, Rust is fairly C-like but with a ridiculously pedantic compiler that errors out if you write memory-unsafe or thread-unsafe code (there is an "unsafe" keyword, if you have to do some action to talk to existing hardware/software that Rust doesn't like... or if you simply want to do something Rust deems unsafe that you are sure is safe...) It does have facilities for linking with existing C/C++/etc. code too. I'm not a huge fan of Rust any more than I am of C/C++, but I could see Rust being a viable C/C++ replacement in the long term.

    1. Caver_Dave Silver badge


      Having the word unsafe in source code would have the certification authorities jumping up and down immediately!

      Sticking to C for anything 'unsafe' like OS and BSP for now.

      1. fg_swe Bronze badge

        You Mean The MCAS Certifiers ?

        The people who don't know what they are doing ?

        Relying on a single sensor to drive 100 people into the ground at a time ?

        They would be offended by the keyword "Unsafe" ?

        Surely, that would definitely matter. Not.

    2. StrangerHereMyself Silver badge

      Re: OK

      I'm personally convinced GC languages are the best solution for applications and tools (including very technical tools, like compilers) where deterministic memory management isn't required.

      The basic problem is that C and C++ are Systems Programming Languages, but we're using them as Application Programming Languages. What we need are native code Application Programming Languages, preferably with Garbage Collection or pseudo-pointers / safe-pointers / managed pointers.

      1. JoeCool Bronze badge

        C and C++ are different

        C started as a "systems language" I guess, but that's a less than meaningful term if you want to discuss (dis)advantages of a language.

        C++ is designed to design languages AND is a good choice for "system programming" also.

        1. StrangerHereMyself Silver badge

          Re: C and C++ are different

          It's extremely relevant since C/C++ memory management is literally eating the planet.

          We need to get rid of it and we've already done a great job by rewriting many business applications in Java / C# / Go, but we need to go further.

          We need to clearly make the distinction between Application Programming Languages and Systems Programming Languages. Don't give me that crap like: "C used to be a Systems Programming Language, but it's now all over the place so it's an Application Programming Language!" It isn't. It's still a Systems Programming Language and we should ban it for application development.

          1. Kristian Walsh Silver badge

            Re: C and C++ are different

            You think the language that’s eating the planet is... C++? Oh man, when you see how much JavaScript is out there, you’re going to have a fit...

      2. Brewster's Angle Grinder Silver badge

        My garbage collector is called "Kev" and is running a day late because of the bank holiday.

        I spend most of my time in GC'd languages these days. It's like pair programming with the dumbest programmer in the office, and assigning them the task of inserting code to deconstruct objects and free their memory... *sigh*

  3. Bogusz

    My experience with Rust has not been that optimistic, I still write memory intensive routines in C because performance of Vec<> is lagging. No, not 20% ish, much more.

  4. david 12 Silver badge

    "despite its reputation for being difficult to learn "

    No, that is because of its reputation for being difficult to learn

    Comp/Sci types have preferred "difficult" languages forever. And disliked "easy" languages for just as long. "Difficult" plays to their innate sense of superiority, "Easy" languages are for inferior people.

    1. Anonymous Coward
      Anonymous Coward

      Re: "despite its reputation for being difficult to learn "

      If this was true, they would be developing in InterCAL.

      1. Someone Else Silver badge

        Re: "despite its reputation for being difficult to learn "

        ...or APL

      2. Mike 16

        Developing in Intercal

        What makes you think they (well, some of them) don't?

        (IIRC, Intercal and The Colossal Cave share at least one author, who ( last I heard they) was at Google.)

    2. Dinanziame Silver badge

      Re: "despite its reputation for being difficult to learn "

      The basic fact is that programming is complicated, because having a computer doing exactly what you want is complicated. It's possible to have a programming language that is more complicated than necessary, and less safe than possible, but it's not possible to have a programming language that is truly simple, unless it wallpapers over issues like memory management that really should be solved by the programmer.

  5. cantankerous swineherd

    is graydon related to C A R ?

    1. Anonymous Coward
      1. Michael Wojcik Silver badge

        Well, everyone's related if you go back far enough.

    2. fg_swe Bronze badge

      In Some Ways, Yes

      Not biologically, but certainly from an engineering point of view:

      Tony says that index checking should be done at runtime and that it is a very real problem in the world of real FORTRAN programs. What I infer from this is that software engineers in general are not perfect. Humans they are, not gods.

      Also, Algol was already much better than C is to the present day. Cheap won out over proper engineering.

  6. Anonymous Coward
    Anonymous Coward

    Stroustrup is just a nervous old fuddy duddy.

    What would Elon do?

    Just turn off the C and C++ code on 31Dec2023 and turn the bug free Rust code on 1Jan2024.

    OTA update everyone's phones, cars, computers, washing machines and toasters while they are out drinking.

    Job done.

    1. pavel.petrman

      Yes, Elon would do exactly that. Single handedly - while using his other hand to tweet about how cool and eficient he is, going against every bit of institutional experience of how one should approach software development to stand a chance of sustainability, let alone success.

      In the process he would find out that his development model is unworkable and hastily sell his company, mere days from a financial collapse, to an investor, who in turn would have to rewrite everything from scratch.

      Yes, I bet many of us know exactly what would Elon do, as many of us have worked for our respective Elon and were quite happy to part ways with him.

      1. fg_swe Bronze badge

        Last time I watched Elon's rockets fly back to base, I was impressed.

        Also, I hear StarLink is creating real trouble for the Special Peace Operation.

    2. bombastic bob Silver badge

      heh - Y2K as it should have been

      1. Anonymous Coward
        Anonymous Coward

        Exactly. If only we hadn't missed the chance to rip and replace all the C code with bug free Java on 1st Jan 2000.

  7. Anonymous Coward
    Anonymous Coward

    According to Microsoft, about 70 percent of the CVEs it has patched since 2006 are due to memory safety issues. Eliminating those bugs would dramatically improve software security while reducing the cost of vulnerability remediation.

    They've been at it since 2006? 2006!? And they STILL haven't squashed the memory bugs? Seriously, do they clean-slate everything every 6 months and start from scratch? Does nobody at Microsoft say "Hey, we wrote code that does exactly this 8 years ago and got most of the bugs worked out. Let's start from there." ? You'd think that at some point, they'd have beaten that 70% down to 5%. Maybe they plan to do that for Windows 2095 on the 100th anniversary of Win95.

    1. Reaps

      well they do keep adding stupid not needed shit.

      prime example is making magic urls to do everything (really really bad idea) so that they can shift your windows/ apps to shitty clouds with plugins

    2. Michael Wojcik Silver badge

      They've been at it since 2006? 2006!? And they STILL haven't squashed the memory bugs?

      Have you worked on large projects? Fixing all of the memory-use bugs in a large project written in traditional native-code procedural and/or OO languages would take many years even if you're not developing new features.

  8. Doug 3

    If only there were ways for companies to implement processes and procedures to help protect their software from developer neglect in the design and implementation phases. It must be something nobody has thought of yet or else Microsoft would have been doing this with their OS developers for decades. It has been over 25 years since desktop computers have been connected to the Internet and every new version of Microsoft Windows is pushed as being the most secure OS or at least the most secure version of Windows.

    But maybe it's better to just quickly try to hide the fact they have failed at building a development system which puts security as a priority and point to the shiny new thing which will surely save all of us and be the next greatest toaster.

    Microsoft is pretty funny since they've become the platform also-ran.

    1. An_Old_Dog Silver badge

      Good Software Development Processes

      There is no software development process which cannot be subverted by bad management.

    2. fg_swe Bronze badge

      You discovered their deceptive marketing. Now look at what they claim in the bio virus "vaccine" business.

      Secondly, all non trivial C or C++ based systems are chock full of memory bugs. That includes the Linux kernel, PCRE, PNG libraries, PDF readers and hundreds of other widely used packages.

  9. llaryllama

    Declaring that C is dead and we should all be using X is a little silly. I guess now I understand what old COBOL programmers felt like when the computing world moved on.

    Honestly Rust is a good language and I can't wait to see what a younger generation of programmers will do with it, but I don't see myself writing any serious Rust applications.

    Like many programmers in their 40s and 50s I have 30 years of experience with C and I can definitely write much higher quality code in C/C++ than I could in a completely unfamiliar language, even if the language happens to be fundamentally better/safer.

    1. James Anderson

      I would dispute the rust is a good language. It is memory and type safe, but at enormous cost in terms of complexity and obscurity. ( almost as bad as C++).

      This will impose an massive penalty on development time.

      1. Proton_badger

        I’ve been a C++ programmer for 25 years and have learned Rust. Yeah it’s not the easiest language to learn but at some point it suddenly “clicks” and development times suddenly decreases a lot. In any case less time is spent debugging, sometimes a lot less time. it only seems complex while learning it, then it becomes plain sailing and a delight to work with.

        Apart from memory safety it has a lot of great ergonomics, like the pattern matching, the approach to iterators/adaptors, and the way it handles return values with Return and Option and their many useful member functions is delightful. Then there is the way Mutex<T> and Arc<T> holds their data, etc. etc.

        I have no count of the number of code review comments I’ve made in C and in C++ about unhandled return values, potential memory issues and shared data. I’m over it.

        1. Timochka

          Absolutely this. I started my professional career writing C and 8051 assembly code (oh, Keil C51, how you used to torture me,) and had been writing C unprofessionally long before that; I spent many years writing C++ for money, and in general can compete with anyone who wants to shout "get off my lawn" and play who has the longest grey beard - but for my most recent embedded projects (professional and personal) I've switched over to Rust and *could not be happier* about it.

          Sure, the language has a learning curve, and there is stuff I don't like about it (async contagion, I'm looking at you,) but that's true of every language. On the other side of the balance, there is just so much more than just memory safety that means I find it simply a far more productive language to code in than C++.

          I love C, I loved C++ for a time; Kernighan, Ritchie and Stroustrup will all remain heroes of mine until the day I die, in a pantheon alongside Knuth, Comer and frankly not many else - but the world moves on. The application of multiple layers of lipstick to C++ to try and address its shortcomings over the years has left us with a language that looks more like Conchita Wurst than Audrey Hepburn... It's time to start fresh. And Rust is an excellent choice for that.

          1. A.P. Veening Silver badge

            Kernighan, Ritchie and Stroustrup will all remain heroes of mine until the day I die, in a pantheon alongside Knuth, Comer and frankly not many else

            I would suggest you add admiral Grace Hopper to that list.

          2. fg_swe Bronze badge

            Pantheon Of Computer Scientists

            Please also look at




            and all the other Algol men. They knew about the need for memory and type safety for decades, if you listen to their speeches. Apparently they were not too much interested in drumming for their ideas, so applied computer science degraded into "free" Unix, instead of the much more robust Algol world.

      2. fg_swe Bronze badge


        Look at the precursor, which is much more simple

    2. werdsmith Silver badge

      One of the problems a new language must face is the very large investment in careers and experience that folk have with their other languages. Of course folk are going to be resistant if it means something else is going to eat their lunch or push them out of their comfort zone. Just as some RDBMS folk are about no-sql DBs and other folk feel about other potentially disruptive movements. As a self confessed shit programmer I quite like the ongoing coaching I get from the compiler.

      It’s going to be fun watching these comments express these insecurities, as well as the usual gaslighting about Microsoft that has already started.

      1. Anonymous Coward
        Anonymous Coward

        yeah this

        As someone in my 50s who does a lot of programming and gets paid for it (though I'm not sure I could actually call myself a programmer) I've realised I've hit a wall where there are loads of new technologies I *could* learn, but that I no longer care. I can't be bothered. Just let me write what I know and give me the money. Rust is for the next generation, you know, people in their 40s.

        Anonymous in case my boss is reading....

        1. Pirate Dave Silver badge

          Re: yeah this

          Same here on the SysAdmin side. I don't want to learn the latest and greatest, whether that's "yet another wonderful way to do things" on Windows or how to deal with the new stuff around the systemd cancer. I'm mostly tired of sacrificing brain cells and spare time for things that may or may not be useful in 5+ years. Just let me soldier on, keeping stuff running for another few years, then give me my gold watch and cake and let me go off into the sunset.

        2. iron Silver badge

          Re: yeah this

          As a dev in my very late 40s I'm starting to see why people keep trying to convince me to move into management despite my complete lack of interest or relevant skills... it's you guys with your "I don't want to learn anything new" attitude. Learning something new every day (well ok, most days) is what keeps me young.

          Coding keeps me sane, management is the last place they should want me.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like