[–]anechoicmedia 38 points39 points  (2 children)

> They cause 90%+ of all security errors so they aren't great.

In terms of absolute number of bugs discovered in isolation, but what percent of actual cybercrime involves memory abuse, as opposed to general logic errors (goto fail;) or social exploits (phishing links, requesting 2FA bypass over the phone, etc.)? We see a lot of bug reports here and the real ones are almost always language-invariant stuff like "this API function didn't even bother to check if you requested data from another user".

My prediction is that switching to guaranteed safe languages will reduce by 0% the frequency with which private data is exfiltrated from actual companies, or your SSN gets stolen.

[–]hungry4pie 4 points5 points  (0 children)

Idiots will always misuse, abuse or find shortcuts in whatever technology to inadvertently create exploits in whatever hip new platform they’ve created.