Re: Airbags
Things like null pointers, double frees, buffer overflows, data races etc. are caught at compile time or runtime before they develop into exploitable attack surfaces.
The pointer related ones are failure to use smart pointers, double free is just not something that happens in correct code.
The data races, is a flaw in design, and as such is language independent.
The only correct thing in concurrent code, is do modification off to the side, and atomically swap into place. That will work in every language, even if you have to contort the "swap into place" part.
The buffer overflow, is failure to use an appropriate container, e.g. a std::vector<char>
I think that using system programming languages for general purpose programming is unwise.
Write in a scripting language, plugs small part of the system via an RPC transport into native code.
Alternatively if you need a systems program, then every piece of control you give up, makes it less likely that people will avoid C and assembler.
Biting the hand that feeds IT
