[pedrocr]

>In an ideal world that's what would happen but even if there where the will and the money it would take decades to replace all of this stuff in practice.

In a previous discussion here someone pointed out you could actually compile C with hardening for out of bounds accesses for example. So maybe we need to isolate those input paths in programs and harden them.

>Sometimes when I'm feeling pessimistic I don't think we can ever truly secure (to a reasonable standard) anything.

I don't think we can either. In part it's just economics, the cost/value of the exploits is just too high for low-value targets. But it's yet another of the reasons I don't see how cryptocurrency ecosystems can really work. The security of the end-points is just way too low for me to trust that kind of thing.