Why Systems Programmers Keep Reaching for Rust
Rust's memory safety without a garbage collector keeps pulling engineers away from C and C++ for performance-critical code.
If you’ve spent any time around systems programmers this year, you’ve probably noticed the same language keeps coming up: Rust. It’s not a fluke. Developer surveys have shown Rust climbing the popularity charts for a while now, and the reasons behind that climb are worth unpacking, because they get at something real about the pain points of writing low-level code.
The pitch is straightforward: memory safety without a garbage collector. For decades, C and C++ have offered speed and control at the cost of manual memory management, and manual memory management is where an enormous share of security bugs and crashes come from — use-after-free, buffer overruns, null pointer dereferences, the usual suspects that show up in CVE lists year after year. Garbage-collected languages solved that problem but introduced a different one: you gave up predictable performance and fine-grained control over memory layout, which matters a lot if you’re writing a browser engine or an operating system kernel.
Rust’s answer is its ownership and borrowing system, enforced at compile time. The compiler tracks who owns a piece of memory and for how long, and it simply won’t let you compile code that could lead to a dangling pointer or a data race. That’s a genuinely different tradeoff than what came before it: you pay for safety upfront, in the form of a stricter and sometimes frustrating compiler, rather than paying for it later in production incidents.
Where it’s actually showing up
This isn’t just a language people like in theory. Mozilla has been rewriting pieces of Firefox in Rust for years now through the Servo project and beyond, precisely because browser engines are exactly the kind of attack surface where memory bugs turn into security disasters. Dropbox has adopted Rust for parts of its storage infrastructure, another domain where correctness and performance both matter enormously at scale. And cloud infrastructure teams more broadly have been picking it up for the same reasons — writing the kind of low-level networking and storage code that used to be C or C++’s exclusive territory.
None of this means C and C++ are going away. There’s decades of code, tooling, and institutional knowledge built around them, and rewriting large systems is expensive and risky in its own right. But for new projects, especially anything security-sensitive or performance-critical, Rust has become a serious contender in a way that felt unlikely a few years back.
What’s interesting is that Rust’s growth doesn’t look like the growth of, say, a new web framework, where hype cycles come and go quickly. It looks more like the slow, deliberate kind of adoption you see when engineers try something because they’re tired of a specific class of bug, find that it actually works, and then tell their teammates about it. That’s a much stickier kind of growth. If the trend holds, don’t be surprised if Rust keeps showing up in more infrastructure you rely on without ever noticing it’s there.