I was with you until the last sentence. Rust is not some magical "get out of bugs free" card. Bad programmers can write bad code in any language, and good programmers can write good code in any language.
We need to take security more seriously for our national security, I agree. More security-minded programming languages and frameworks may help with that. But rewriting them in Rust won't magically make their problems go away.
Memory related bugs (buffer overruns etc.) are the reason for most security bugs. Rust avoids these entire class of bugs. Yes, bad programmers can write bad code in any language, but you'd have to be really bad to cause memory related bugs in Rust.
Because Rust doesn't have the "unsafe" keyword, and no one would ever trade security for performance. Just like no one would ever misuse global variables just to make development easier. Just like no one would ever commit their signing keys into a public repo, just like no one would ever allow SQL to be run from user input, just like no one would ever you get the idea.
The culture that led to Adobe or Microsoft products being the way they are/were is not dependent on the language they used. Gates' security memo in 2002 never once blamed the languages they developed in, it blamed the culture their products grew up in. And funny enough, they've gotten much more secure without ever switching programming languages.
Again, I'm not anti-Rust. But buying a car with airbags doesn't mean you're never going to crash it, and it certainly doesn't mean you can never die in a crash.
Except for the fact that there is nothing stopping developers from using `unsafe`* to do bad things. And considering they have the tool, they will use it. In addition, it is unlikely that any significantly large system would be realistic to write in 100% Rust. There will be plenty unsafe dependencies that are unavoidable.
You're actually not far off. They are the biggest threats. Have you ever noticed that all of Microsoft releases gets leaked by Russian groups like WZor? Russia has long been releasing betas and alphas of Windows before anyone else, and no one has questioned how or why?
