fugueish
Eliminating this vulnerability class should be seen as a business imperative likely requiring participation from many departments. The authoring agencies urge executives to lead from the top by publicly identifying senior staff who will drive publication of their roadmap and assist with realigning resources as needed.
https://www.cisa.gov/resources-tools/resources/case-memory-safe-roadmaps
fugueish
In part, this is because they are planning for the post-memory-unsafety future. (See e.g. https://www.youtube.com/watch?v=mi6ZLmrXNP0)
But vendors are still addicted to their ability to dump these externalities onto customers. It's 'expensive' to move away from C/C++ in exposed attack surface — but only because the existing costs are externalized.
fugueish
Intelligence agencies begging vendors to fix the bugs they use for intelligence gathering might seem surprising. But they have complex equities to balance, among them the fact that it is their nations who most depend on reliable information infrastructure.
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.