I'm just the wrong guy to ask about this - I know how to limit (if not eliminate) vulnerabilities, at least in what I control.
It's harder to fix culture problems with tools than we might think, in general. Perhaps future generations will look at 'C' the same way we look at open-belt farm machinery. I can't say. But the sheer volume of incumbent 'C' code bases will be around for a while.
That's honest. :) I agree it will be around a while thanks to all the incumbent code. It's why I push for efforts to automatically deal with its issues at least for legacy code. Astree Analyzer, Softbound + CETS, CHERI processor, and CompCert compiler are all top examples of that. Links below. Enjoy. :)
It's harder to fix culture problems with tools than we might think, in general. Perhaps future generations will look at 'C' the same way we look at open-belt farm machinery. I can't say. But the sheer volume of incumbent 'C' code bases will be around for a while.