> It turns out the defense against many of these vulnerabilities is the same, at a high level: validate any untrusted input before using it
It should be noted that type safety itself does not solve this problem. For external input, you need explicit schema validation or the type needs to be enforced at the protocol level using something like Protocol Buffers with implicit schema validation.
I think that security has nothing to do with the programming language and everything to do with the developers who are writing the code.
It should be noted that type safety itself does not solve this problem. For external input, you need explicit schema validation or the type needs to be enforced at the protocol level using something like Protocol Buffers with implicit schema validation.
I think that security has nothing to do with the programming language and everything to do with the developers who are writing the code.