Re: [OT] - A hacker stole $31M of Ether — how it happened, and what it means for Ethereum

[Walter Bright via Digitalmars-d]

On 8/4/2017 1:33 AM, RazvanN wrote:
> That could have never happened if they would have used D with @safe

That's mostly true, but not absolutely true.

1. There can be bugs in D's @safe checking and inference.

2. Function interfaces (such as in C interface files) are labeled @safe or not, 
and the D compiler has no way to check. Hence, functions can (and have been) 
mislabeled.

On the other hand, @safe does greatly reduce the attack surface. And as I've 
prognosticated before, the utter lack of machine checkable memory safety in C 
will herald the end of its use in anything connected to the internet.