
The framing in the last two lines only makes sense if you consider the amount of total bugs as a prior. In practice, the more realistic prior is something that's more observable, e.g. the number or rate of published CVEs or of security breaches. If something like that can be reduced by 70%, that's much more significant than your framing of "0.7% of all bugs in this example are security bugs due to memory safety" makes it out to be.



I don't disagree with that, I was disagreeing with OP whose claim implies that out of every 1000 bugs, 800 of them are due to memory issues.

OP was wildly off the mark.


This would be an argument in favor of using a GC'ed language, because that would reduce those bugs by 99.9%.



