If these hardened libraries were as good, we wouldn't have blog posts like this[1], from the android team last year.
> We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android’s C and C++ code
Maybe the android team could have gotten the same benefits by simply auditing and modernising their C++ code? I'm not convinced. Google has some amazing engineers. They've been using hardened standard library variants for a long time - much longer than they've been part of the C++ standard. If google is still getting large security benefits from adopting rust, I think the benefit in rust is real and Bjarne Stroustrup is wrong.
First of all, Rust is default safe. In C++ developers always trade performance for safety, in Rust they just swallow the penalty (which is often still performant enough). C++ code will often not be as memory safe as it could because someone decided to not use particular checks (like compiler-driven integer overflow checks).
Secondly, Android C++ code is not particularly high quality, also when it comes to memory safety. A lot of it is also quite old.
I would consider it your average massive project, not a masterpiece coded by amazing engineers.
Thirdly, it has a massive target on its back and is under attack by pretty much everyone. They have to use whatever they can to keep up with the attackers.
Several companies have these issues and approach them in different ways. Rust is a very attractive approach for developers, since it’s just another programming language. It’s also quite ugly, people complain about its complexity and it is unfortunately suffering from dependency explosion.
I hope it’s a stepping stone to something better.
> In C++ developers always trade performance for safety
A "trade" implies care which isn't actually taken. What WG21 does is they assume that safety costs performance and so they throw away the safety hoping that this means they get performance. They don't measure, which is why you get to see first Herb Sutter explaining that C++ doesn't do bounds checks because they're unaffordable (notice he presents no data) and then a few years later Herb Sutter explaining that the latest C++ will offer bounds checks because they're actually affordable after all (now Google has collected the data).
In most cases it's much worse than the bounds checks, which actually did have a small cost, it's often net negative to throw away safety, C++ chose the less safe and slower option, assuming that this "trade" exists when it doesn't and if they'd measured they'd have seen the news before making the decision.
> First of all, Rust is default safe. [...] in Rust they just swallow the penalty
The borrow checker runs at compile-time, not run-time. Safety doesn't slow down your code except in a few small, specific ways like array bounds checks and UTF8 validity checking - but these checks also happen in unsafe rust too. The overhead is also mitigated by some of rust's other choices increasing performance. (For example, rust uses noalias everywhere, has larger codegen units by default and a better, faster standard library).
There was a really great analysis a few months ago looking at the performance impact of rust, C++ and hardened C++. They patched the compiler to see what happened when all runtime safety aspects were removed - and the result was about a 2-3% improvement. Measurable for sure, but nothing to write home about.
> Secondly, Android C++ code is not particularly high quality, [..] Thirdly, it has a massive target on its back and is under attack by pretty much everyone.
Most code isn't particularly high quality. But I suspect google has better resources and processes than most C++ dev teams. As for security - just about all code is a target now that LLMs can find vulnerabilities so easily. I want all the software on my computer to be hardened against attacks that can be found and exploited in under $5 of compute.
> [Rust is] also quite ugly, people complain about its complexity and is unfortunately suffering from dependency explosion. I hope it’s a stepping stone to something better.
As Stroustrup once said, "There are only two kinds of languages: the ones people complain about and the ones nobody uses." It's a good sign that people are complaining about it. But otherwise I agree - I look forward to seeing how rust's borrow checker inspires new languages going forward. There's a lot more good ideas in the programming language space that we haven't scratched.
> Rust already has warts from bad API designs that constrains performance and they are unlikely to ever be fixed even with new editions.
Like what?
> Aliasing has yet to provide any real benefit for Rust and a hell of a lot of issues.
Yeah, the performance wins so far are quite small. But rust's noalias-by-default did unearth a whole lot of latent bugs in LLVM. Even if you don't care about rust, it's great that rust led LLVM to track down and fix these bugs. They affected C/C++ code too.
> realistically anyplace that aliasing matters c/c++ will just drop __restrict on it.
Is there a way to tell? When I'm writing C, I have no idea if using restrict will help other than staring at the assembly. (Or just trying it). I'm also leery of using restrict in C because it's so hard to audit callers. How do you know when restrict is safe?
> When I'm writing C, I have no idea if using restrict will help other than staring at the assembly.
It's also a statement, whether you want callers to pass the same object to different parameters. If that doesn't make sense or you don't want that, write restrict.
> Until Rust has equal meta-programming support to C++ it's always going to be "slower".
What metaprogramming does C++ have that rust is lacking?
If you need more than traits + generics, rust also has proc macros. Proc macros are essentially portable compiler extensions. They take in a stream of symbols from the user's program at compile time and emit rust code that gets passed straight to the compiler. You lose out on syntax highlighting and they make compilation slower. But macros are essentially compile-time code gen. They work great. In rust, you can do things like JSX at compile-time without any special compiler support. (See: leptos.)
> Realistically the difference doesn't matter much and if you're writing code that must be as fast as possible you're writing unsafe Rust that looks a lot more like C/C++ than anything Rust.
I agree that the difference is small in practice. Good rust often does look a lot like C - with plain structs everywhere and lots of global-ish scoped functions.
But I don't agree about unsafe. I've spent some time porting well optimised code from C to rust. I generally find I need far less unsafe code than I expected. I ported a ~500 line skip list implementation from C to rust a few years ago. I think my rust code ended up using just 2 unsafe functions. The rest of the code didn't need any unsafe at all.
My skip list was a monster to debug in C because most logic bugs ended up corrupting memory. As a result, a bug in one function caused crashes in far away code. In rust, debugging was much easier. There wasn't any "spooky action at a distance". And that let me reason about the code much more easily. As a result, once I got it working I ended up adding a few more optimisations in rust that I was too overwhelmed to write in C. The rust code is now ~2-3x faster.
Yes. It's also explicit instead of implicit. In rust (and typescript, swift, haskell and others), you have to opt-in to nullability. By default, functions can't take a null in place of a non-nullable value. And whether a function accepts a T or an Option<T> is part of the signature.
Returning to the context of this post, this is one of the things I really like about rust. (And zig, haskell, typescript, swift and others). These languages make invalid states impossible to represent. If my function takes a value of type T (or &T), you can't accidentally receive NULL. So you just don't need to worry about this stuff any more. The compiler simply won't compile the program if type checking fails. At runtime, I only have to consider valid values.
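An added example, not part of any comment in this thread: a small Rust parser for untrusted bytes that exercises the two runtime checks named above (slice bounds and UTF-8 validity) and puts optionality in the signature via `Option`. The wire format, `Record`, `ParseError`, `parse_record` and `option_ref_is_free` are all constructed for this illustration.

```rust
use std::mem::size_of;

/// A parsed record that borrows from the input buffer (no copying).
#[derive(Debug, PartialEq)]
pub struct Record<'a> {
    pub name: &'a str,
    /// Absent when the record has no trailing tag byte. The type forces
    /// every caller to handle that case; there is no null to forget about.
    pub tag: Option<u8>,
}

#[derive(Debug, PartialEq)]
pub enum ParseError {
    /// The length prefix claims more bytes than the buffer holds.
    Truncated,
    /// The name bytes are not valid UTF-8.
    InvalidUtf8,
}

/// Constructed wire format for this example:
///   [len: u8][name: len bytes][optional tag: u8]
pub fn parse_record<'a>(buf: &'a [u8]) -> Result<Record<'a>, ParseError> {
    // An empty buffer has no length prefix.
    let (&len, rest) = buf.split_first().ok_or(ParseError::Truncated)?;
    let len = len as usize;

    // Bounds check: `get` returns None instead of reading past the end,
    // so a lying length prefix becomes an error value, not an over-read.
    let name_bytes = rest.get(..len).ok_or(ParseError::Truncated)?;

    // UTF-8 validity check: a &str can only be built from valid UTF-8.
    let name = std::str::from_utf8(name_bytes).map_err(|_| ParseError::InvalidUtf8)?;

    // The tag is optional; a missing byte is None rather than a sentinel.
    let tag = rest.get(len).copied();

    Ok(Record { name, tag })
}

/// Opt-in nullability costs no space for references: None is stored as
/// the null pointer value that a plain reference can never hold.
pub fn option_ref_is_free() -> bool {
    size_of::<Option<&u8>>() == size_of::<&u8>()
}

fn main() {
    // Constructed sample inputs, not data from the thread.
    let samples: [&[u8]; 4] = [
        b"\x05helloZ",     // well-formed, with tag
        b"\x05hello",      // well-formed, no tag
        b"\xffhi",         // length prefix larger than the buffer
        &[2, 0xff, 0xfe],  // name bytes are not valid UTF-8
    ];
    for &s in samples.iter() {
        println!("{:?} -> {:?}", s, parse_record(s));
    }
    println!("Option<&u8> same size as &u8: {}", option_ref_is_free());
}
```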
We'll see. I think mass JMAP adoption is really waiting for either apple (mail.app) or google (gmail) to jump on it.
My favorite feature of JMAP is that it gives you a single, consistent API endpoint that works for native clients, webmail and programmatic clients (like, backup scripts and things like that). JMAP means you don't have to invent your own REST API for webmail. Unfortunately, gmail, yahoo mail and all the rest predate JMAP. So it doesn't really help them in the same way.
It'd be lovely to get thunderbird working with JMAP!
The list of preinstalled CAs is long. I think it's a safe bet that many nation-states have covert control over at least one CA on that list. (Or they have one of the root signing certs). HTTPS is way better than HTTP. But I'd personally rather if these random organisations didn't have RCE on my computers.
I've never heard of most of them. AAA Certificate Services? AC RAIZ FNMT-RCM? ACCVRAIZ1? Actalis? AffirmTrust? Even Godaddy is in there. I know I don't trust those guys.
Trust has gotta start somewhere. But it's much better to TOFU, then pin signing keys in the updater.
Please, everyone - don't let yourself be pestered into accepting PRs that you don't care for. Since the xz attack, the security of all our computers depends on maintainers not letting this stuff in.
If someone really wants a feature in a project you wrote, but you don't care about the feature, just let them fork. It's fine.
> the security of all our computers depends on maintainers
Not getting paid anything, getting bullied and harassed while spending their free time maintaining things. Surely this isn't sustainable. And telling maintainers how to act will not fix anything.
> telling maintainers how to act will not fix anything.
That depends. In this case it's good actionable advice that should hopefully lower cognitive load. Politely suggest a fork, then if the nagging persists block and move on. Sure if you're in a position of authority you have a responsibility to the community but cutting ties with a stranger who is flagrantly violating social norms is perfectly acceptable. There's no expectation that you indefinitely burden yourself with their poor behavior.
Sometimes dropping the ban hammer really is in the best interests of both yourself and the project.
I don't really think it's actionable. It's like all those campaigns trying to steer behavior, pretty useless. Don't do drugs. Don't speed. Don't drink and drive. You can't just tell people something and expect it to happen. You need systems and guard rails in place.
Relying on maintainers to always do the right thing to ensure our security by telling them what to do is not the way.
It's not an attempt to steer behavior but rather intended as helpful advice. There are certainly cases of organizations disseminating "helpful advice" with the underhanded intent of steering behavior but that doesn't mean we should assume bad faith by default.
The advice is actionable because it is a concrete change that could be made. I believe it to be relevant to the context because someone in a position of authority who is badgered into accepting something would most likely benefit from reevaluating how he is interacting with the general public.
How is it not actionable? "Hey, you seem keen on feature X but I don't care about that. Just maintain X in your own fork. Thanks!" -> Close issue / PR.
Is this an illegal move? I've done it plenty of times. And other people have said the same to me, too!
The point is that just telling every maintainer "The security of all our computers relies on you. You are free to tell people to maintain their own fork. Good luck!" isn't something that will meaningfully change anything. I never said saying what you write is illegal or bad. Just that we can't depend on every maintainer doing that to be how we secure our computers...
> telling maintainers how to act will not fix anything.
I'm just saying it's ok to ignore overly enthusiastic contributors and tell them to just fork your project.
I think this does help, actually. In my early days of maintaining opensource software I felt burdened by open PRs - like I was letting someone down by ignoring their work. "It's ok, let them do whatever in their own fork" is advice I wish someone had given me.
> And telling maintainers how to act will not fix anything.
Indeed. For too long, maintainers were expected to be gracious, courteous, and polite at all costs lest they be labeled "problematic", except for a few who were too influential to be muzzled like Theo de Raadt or Linus.
Perhaps we need to normalize bullying people who submit obvious slop as PRs.
No, you absolutely should be gracious, courteous, and polite. But only at first. The duty of maintaining a functional community doesn't mean you're obligated to suffer unlimited abuse.
You can be if you want to but social skills should not be a requirement to lead an open source project. If you create something and share it that doesn't oblige you to even respond to anyone.
Of course, a hobbyist putting his code out there is under no obligation whatsoever. But we aren't talking about small time hobbyists here. These are professionals who are either paid as part of their job or else contribute their spare time to maintain important projects that are part of a large ecosystem that is relied on. There's a community and it necessarily has behavioral standards as part of the shared goal of maintaining group cohesion.
There is no reason you can't be gracious, courteous and polite while refusing to accept or even to review the PR. These things are not tied together. You can also refuse to be bullied by submitters, stop engaging altogether. But bullying is part of the problem, not the solution, normalizing bullying is the wrong direction and will not result in more secure code.
> There is no reason you can't be gracious, courteous and polite while refusing to accept or even to review the PR.
I agree, and I never suggested we cannot do these things.
I'm saying we should normalize immediately telling people who submit obvious AI slop to fuck right off. Submitting AI slop pull requests is rude. It is disrespectful of the maintainer's time and energy. I see no reason why I or anyone else should be respectful of someone who has already demonstrated a lack of reciprocal respect by submitting a vibe-coded PR that they obviously haven't even read or tested.
Because encouraging a culture of disrespect and bullying is actually bad for security not good for it. Politely decline, please, no need to be rude because of your (not always guaranteed to be correct) perception of where someone (or some thing!) is coming from.
I really wonder how maintainers get pressured into merging stuff? If they did not want to merge in the first place while having to argue with someone pushing their PR I'd immediately close the PR. Arguing and pressuring people is not a way to contribute to projects, why do maintainers even argue with people?
Because they don't want to be seen like assholes, who just blindly dismiss PRs, and because they take the technical discussion about the PR in good faith.
On some of those PRs the AI agent (?) did not really pressure - it reacted promptly with changes and more plausible (hallucinated?) technobabble why the PR is needed.
It can be quite hard to discern this behavior from a new contributor to the project that might be a domain expert on something you are not. Possibly with the exception of reacting far too quickly & enthusiastically compared to real people that might have a life.
Honestly most places on the internet are not places to go into arguments in good faith. Maybe it used to be different, but with the amount of OSS projects being endangered by AI slop contributions, silently closing PRs should be the norm.
If someone gets emotional about their PR being rejected, well... it's kinda their issue.
That makes it look like you're too stupid to understand the PR.
Edit: I see this comment getting downvoted. To be clear, I was trying to explain why someone would want to merge a PR without going through all of it, I didn't mean to call such people stupid.
Technology doesn’t exist in a vacuum, you need to consider the possibility it will be used for evil and the effect that might result from that. Far too many people dismiss LLM risks with ‘oh, if people just stop being gullible/greedy/lazy everything will be fine’, as if that is a sensible proposition.
In fact, LLMs proliferate exactly because people are gullible, greedy and lazy and it’s easier to write a prompt than do the hard work of architecting software. It is easier to vibe code than use them with care. It is easier to tell oneself ‘I will just accept this PR blindly, but I promise I will do a better job reviewing the next’.
You can but that doesn't help you keep the flood of contributions out when you don't have the time or resources to properly discern good from bad. Maintainers would rather have 10 good human authored patches than 100 patches from LLMs, even if 20 of them are good. Even if 50 of them are good, probably.
It makes it easier to filter. Most LLM spam can be easily noticed. And those that aren't automatically filtered, can fairly easily be closed by the maintainer - when they don't have the weight to assess each on their validity.
You can be sad while acknowledging that the behavior's directly an epiphenomenon of how the technology scales :)
Can't have the one without the other! It's part of that same technology, and it's fair to conclude that LLMs are bad if you're upset enough at the results.
I'm of the opinion that any PR that looks like it was created with AI has to be 100% perfect for me to consider accepting it. Otherwise I'll close it as AI slop. I'll work with you if you're trying to fix a bug. But if the PR looks like a zero effort drive-by PR, I'm rejecting it and calling it out.
I saw a clip the other day of an American comedian doing crowd work in Paris. He asked the audience what America should do, and the French said - something like - they should punch the police more and light things on fire.
To me that sounds crazy! But, I can see how it works for the French. They protest all the time, and the government is very responsive to the needs of the people. Much more so than the American government seems to be.
I don't know how effective the French protests are, since I haven't lived in Europe for a while. But even as a Swiss, at least judging from TV, protests in the U.S. generally seem very tame.
Not advocating punching the police as a default, but in my opinion, protests need to be disruptive if they're going to get anyone's attention at all. I don't really see what a few people standing on the sidewalk with cardboard signs are supposed to accomplish.
And if there isn't violence, the police tend to escalate things and make it violent. I suspect this works to prevent/neuter any serious protests so long as the potential protestors still have something to lose, and in America there is very little in the way of a safety net, so living conditions would have to (continue to?) deteriorate quite a bit before protests started heading in a French direction.
Yep, and even when the majority of protests don’t turn violent, the media does an amazingly good job of making it seem like they did. I remember multiple family members posting about, and even talking about in our group chat, how multiple US cities were on fire and essentially war zones in 2020.
I don't know if you know, but quite a few European countries are known to send police or "state" confederates into protests to give authorities an excuse to escalate. You also see lots more water cannons being used over there.
In Paris the burning and destruction typically happens in the outer "boroughs" of the city - usually by disaffected groups - sometimes they happen to be disenfranchised - though typically they harm the older generation's property and that generation typically frowns upon the destruction.
Of course, in the US, we've had organizations who on paper are for justice and redress being found to foment agitation. It's a total corruption of their mandate. We had an "anti-hate" group paying hate groups to "do things"[1].
There was also testimony to the Congress by its CEO which wasn't very convincing. There is a dude running for congress in Maine who has a troubling political background due to his past associations and this guy could not call him out. I'm pretty sure if the congress hopeful were running as an IND or repub he'd be treated differently by this organization in question.
Only because the people don't fight back. If they know that folks would fight back, they would behave themselves in the most polite and proper ways you won't believe.
It's rarely acknowledged but a big reason why ATF and FBI toned things down after Waco is because McVeigh (he was there watching) directly retaliated causing nearly 1000 casualties of government employees. At that point they went to the current plan of just divide and conquer a single person at a time via surveillance of the targeted group after things quiet down rather than try to take on groups head on.
Yep, you can see it in the way ICE operates. 10 agents jump out of several cars, they grab one helpless person and they all drive away. Like a pack of hyenas picking off a young calf.
I’m sure that fear of retaliation had some impact, but I’d say it pales in comparison to their fear of the optics of another Waco. Post Waco, favorable opinion of the FBI dropped from 70% to below 40%.
Is this supposed to be sarcasm? As far as I know, America is the only nominally democratic country where cops routinely shoot people, and their number one excuse is that they thought they could be shot.
Nothing makes cops more trigger-itchy than the thought that a random stranger could "fight back" any moment.
In the US if you're with a group of people and there is some leader or group planning unlawful property destruction or violence, there is a very very good chance it is a fed or confidential informant operation and you are the mark/patsy to which all the blame will be assigned when you're staring at a sheet of paper that says US v [your name].
Not really a "very very good chance", but the few instances of this happening have accomplished the intended effect of making everyone terrified of the possibility and thus never doing it.
Are you trying to say the US are snitches? Or in any case, more snitches than the Europeans? More snitches than the ex-communists from the Eastern Europe?
Americans don't even protest on weekdays, they wait for a weekend to do it. So it is easy to say that they aren't serious but on the other hand, they're a lot closer to the knife's edge of stability and missing a day of work can get them fired (especially in at-will employment states), Europe is not like this as much.
Yes, they've wound up having their whole lives very effectively taken hostage. Also criminals lose the right to vote don't they? Seems like the perfect incentive to criminalize any political movements that are contrary to the ruling class.
Guys, I feel like we should get another anti-union thread here soon. It’s getting a little too hot for comfort. I’ll start. Whew While I do like unions in theory, I was really peeved when I was getting my start in the working forces as a banana picker and this guy Bob took midday naps...
I agree. People should be shutting down all commerce, but people are so overworked or living from paycheck to paycheck it's probably hard to do the kind of protesting that needs to happen. Seems like UK is bad.
There are people with cardboard signs, and there are BLM protests or occupy Wall Street. Can't remember when the last disruptive protests were in Switzerland, but in Germany I'd say tame protests are the norm and disruptions are an exception.
99% of BLM protests were just people with cardboard signs. There's always the occasional anonymous asshole who might throw a rock at a window and run off, but that's the nature of any gathering of 100,000+ people. There will always be a turd.
In the other 1%, the police decided on a policy of always picking a fight with the crowd, every fucking day, until they ran out of gas.
There was a lot of arson at BLM protests, and plenty of people beaten in the street, some of whom were in no way asking for it. The majority of the violence probably was the cops though.
> the French said - something like - they should punch the police more and light things on fire.
I'm trying to wrap my head around this as well. Do these people want "punching the police and lighting things on fire" to be a freely permitted form of free speech?
If so, should anyone be legally allowed to destroy any amount of stuff, for any reason they feel unhappy about? Or is this a case of "blowing stuff up should only be permitted for causes I like, not for causes I dislike"?
If not, do they see the irony in endorsing behaviors that they simultaneously believe should not be legalized?
No, it should be illegal, otherwise everything would get destroyed whenever someone is slightly destroyed. Illegality serves as a kind of filter so that when enough people risk jail or death for a cause, that's because they really had enough.
I haven't given that a lot of thought, and it feels weird to say, but maybe the opinion that an act should be done and should be illegal can be true at the same time.
When a citizen commits a crime, they messed up. When ten commit a crime, they messed up. When half the village destroys the chief's home, the chief messed up.
I think you've misunderstood. Such things are also illegal in France. But there are times you need to be prepared to break the law to bring about political change, eg if a government repeatedly demonstrates indifference to public concern.
Suppose you are living under very corrupt or autocratic governance, and you protest in the conventional way (marching, waving signs and banners and so on) but the government simply ignores it, or slanders the protestors for having a different opinion. What do you do then?
France is a much smaller country. When there is a mass protest in the US, it ends up being a bunch of smaller protests all over the country, which lacks the power of a single concentrated protest. These various satellite protests just end up being a minor nuisance, which don’t amount to much.
The media in the US often ignores the protests they (or their owners) don’t agree with. This also weakens them significantly. I remember having to go to Twitter to see what was going on with a lot of the Occupy Wall Street stuff, because the news was acting like it wasn’t going on. Without attention, and fractured across the country, it faded out. The protest area where I was living at the time slowly shifted into a homeless encampment, before they eventually cleared them out.
Democracy needs real journalism to function. Having all the rich people own all the journalists isn't going to end well. We need to find a working business model for journalism that doesn't rely on rich folks.
I think news outlets need to be run as a non-profit to remove the types of people with aspirations of wealth, instead of aspirations to report and inform the public, from the sector.
Usually rich folks buy newsrooms not to make a profit, but to control the narrative.
No journalist joins a newsroom to become rich. Famous, maybe, but not rich.
The business model used to be advertising, but the internet destroyed that model. And we don't have a replacement, while democracy doesn't work without someone holding the politicians to account.
Probably because we have a well established history of regularly changing regimes. Since we overthrew royalty in 1789 we've had five republics, two empires, three monarchies and a bunch of short-lived totalitarian regimes, coups and other major political events.
If anything, the longevity of the Fifth Republic is starting to become unusual (only the Third Republic and the Ancien Régime have lasted longer). Maybe we're overdue to flip the table again as per tradition.
I'm only pointing out that ever since the French revolution, we have a rich history of regime change (and also of strikes and demonstrations). Some were due to external factors (like the Vichy régime during WW2) and some were bloodless (like the end of the Fourth Republic).
Us rolling the dice whenever we have a major political crisis is a meme at this point, for better or for worse we're just not the kind of people to keep the same constitution around for 250 years.
I know that "French strikes" and "French setting fire to things" is a popular American trope, but things really don't work like that. If that were the case France would be a much better place than other European countries, and it really is not.
> "French setting fire to things" is a popular American trope, but things really don't work like that.
They worked like that when I was in Paris ~3 years ago! At the time, people were rioting over the retirement age changes. I walked around the city the day after the protests. The city smelled like burned plastic. There were burned out rubbish bins and the husks of melted lime bikes & scooters all over the place.
Only if you believe that always caving in to a violent mob burning random (private citizen-owned, non-government) cars in Paris leads to better outcomes for the country.
You are basically admitting that the US is already past the point of no return on the road to full-blown oppression: too many government workers not accountable to the people.
I feel like in the US if you punched a cop the cop and his colleagues are much more likely to just shoot you, or at least unleash brutal violence on you and the rest of the crowd. I guess the idea is to provoke these kind of battles in hopes that the cops can be overwhelmed or at least public opinion goes to your side?
That's a lot less risky in France where the police have more than an 8th grade education, no guns, and aren't jacked up on right-wing hate propaganda 24/7. You punch a cop in the US and there's more than a 50% chance, that a given cop has been dreaming of "protecting himself" by any means necessary. In other words, you are going to get shot in the chest.
In Machiavelli's Discourses on Livy, he reviewed Roman records and compared provinces with heavily fortified seats of power to ones that weren't as fortified. The ones that were more fortified tended to be governed in a way that was more callous, less efficient, and less popular. He concluded that it was good for governors to have a reasonable fear of those they governed.
The U.S.'s institutions of power are heavily fortified. Political leaders of most countries travel about with a security detail of a few cars at most. The U.S. president has a gargantuan motorcade that's only rivaled in size by those of third world dictators. Arguably, the U.S. president doesn't hold power so much as wield it in the interest of oligarchs, who are even more insulated from the public.
If Americans want better government, what they really need to do is make oligarchs and politicians feel like they might actually be made to feel the consequences of their actions. That doesn't necessarily have to mean violence though, if people are creative enough.
e.g. Elon Musk wants so much to control what the world thinks of him that he bought Twitter and had Grokipedia made in an attempt to kill Wikipedia, since they have honestly reported on his misadventures with the same standards of rigor applied to other public figures. If you want to make Elon Musk feel consequences, just never let up on him. The dude made Nazi salutes during Trump's inauguration twice. His DOGE idiocy is why Texas livestock is being banned in other countries because of screwworms. Keep talking about that and don't stop.
Well gee, to start, France has higher healthcare quality/access, higher life expectancy, much lower treatable mortality, better work-life balance (fewer hours worked, more guaranteed leave), lower wealth inequality, higher voter turnout (indicative of less apathy or fewer efforts to disenfranchise), among others.
One of the problems with just using economic metrics is it seems to confuse the fact that the economy is supposed to serve society, not the other way around. So it leads one to wonder: with those better economic measures, what is it buying for US citizens?
Many Americans have a strong bias for measuring everything in money. If you've lived there, it can be shocking how pervasive the thinking is in EVERY decision.
All these things become meaningless when you cross the ~50th income percentile.
Besides work/life balance, the US gets much better as you earn more, and frankly high earners are generally less concerned with time off work too.
Also why the US enjoyed ~30 years of European brain drain, those benefits are much less enticing when you are the one paying more and getting less.
Median US income is $45k. Almost 18% of US household income goes to healthcare costs. So you’re saying healthcare access/quality, time off, and mortality are moot once you make $23/hr? Color me skeptical.
I mean, you're on the cusp there but $23/hr is around where "full benefits" jobs become the norm.
Also keep in mind that French pay a lot for healthcare too, except it's called taxes. That $23/hr in France would be taxed at 30% compared to 12% in the US.
This only gets more dramatic as you climb the income scale, which inevitably means (in France) you are paying way more taxes (41% at $100k) while using those social services the least.
Compare to the US where you are paying 22% on $100k and likely getting high tier health insurance for ~$200/mo from such a job.
The takeaway is that America sucks if you are poor, but gets much better if you can make it out of the bottom half, and way better if you can get to the top 25%.
P.S. there is a reason the media only talks about the bottom 50% and the top 1%. Talking about the 50-99% would reveal where the real money in the country is (and offend/call out half the country too).
> That $23/hr in France would be taxed at 30% compared to 12% in the US.
So, since you're full of shit, let's do the math. I'll even be kind, I'll go 1$ = 1€. 23€ per hour, 35h/week, 4 weeks per month (broadly). 3220€ gross, which, to cut things short and not even get into gross -> net, let's assume 100% of your gross is now net, is 38640€ / year. The 30% tax BRACKET starts at 29316€. 25% gets taxed at 30%, 60% gets taxed at 11%.
Anyways, you're full of shit, I just needed people reading you to know it.
Benefits are paid based on hours worked not on rate. You also seem to confuse marginal and effective tax rates because you don’t factor in the other tax structures in the US like FICA/state/local taxes. On the US healthcare side, you have to factor in deductibles; my annual family HSA deductible is $8k. And on and on. As a general rule, I try not to spend much time debating with new accounts that miss basic facts/principles.
But this all digresses from the point: simple economic indicators like GDP without fuller context are a lazy and misleading metric for evaluating the health of a society.
[1] https://blog.google/security/rust-in-android-move-fast-fix-t...