[Iolaum]

And the second question, would be: What is the cost for it and would we be willing to pay it?

[phoe-krk]

And the third question, would be: What is the cost for using outdated technology and are we really willing to pay it?

[selfmodruntime]

The answer to the first question is „literal billions in damages“ and the answer to the second one is „seemingly yes“. Library / application maintainers and product companies rarely pay the cost if yet another memory safety issue leads to a new 0day.

Perhaps changing that would finally turn people off of C/C++

[pjmlp]

Yes, when we aren't happy with physical goods there are laws and liabilities to take into account, same should apply to software products.

[eru]

Well, in practice we are paying it.

[phoe-krk]

Yep, the real question is for how much longer.

[jeroenhd]

Until someone can come up with the time or money to fix the feature gap between the many safe rewrites and the standard coreutils (and convinces packagers to ship the safe ones).

[pjmlp]

Or governments start to pay attention like the last US security bill.

[hardware2win]

You are talking about perf?

People use fucking java in HFT

dont worry, our basic tools are fine with Rust, go or even c#

[MobiusHorizons]

For cli tools startup performance matters a lot, and many languages struggle on that point (eg Java) go and rust would probably be acceptable though.

[pjmlp]

Apparently not, when so many of them are written in Python and Perl.

As for Java, if the extra ms are the end of the world, one can JIT cache or AOT compile it anyway.