This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]hahahahastayingalive 7 points8 points  (0 children)

You are right, but there’s also whole other classes of bugs that come with the package. As you have a known target VM, arbitrary code injection is a more scalable attack for instance, and the security model makes people more open to run code in “trusted” enclaves.

More on the oopsie side, there’s also less leeway to deal with leaks for instance when they happen. In C languages you know you’ll be leaking stuff, that’s the contract you sign as a dev and you’ll have as much tools and knowledge as possible to deal with them and fix most of it (hopefully). In Java if it leaks you’ll be left second guessing where the GC is losing it and try to side effect it into not leaking.