Fun fact, Rust has a special error message for this:

Unicode character ';' (Greek Question Mark) looks like a semicolon, but it is not.

It also detects other potentially confusing Unicode characters, like the division slash which looks like /.

Tell me you don't know what a programming language is without telling me you don't know what a programming language is

I have this great idea for an app, we can go 70/30 on it! 70 for me because the idea is the hardest part after all. So basically it's Twitter plus Facebook plus Tinder with a built in MMO. You can get that done in a couple weeks, should be pretty easy right?

In simple terms, they just don't allow you to write code that would be unsafe in those ways. There are different ways of doing that, but it's difficult to explain to a layperson. For one example, though, we can talk about "out of bounds access".

Suppose you have a list of 10 numbers. In a memory unsafe language, you'd be able to tell the computer "set the 1 millionth number to be '50'". Simply put, this means you could modify data you're not supposed to be able to. In a safe language, the language might automatically check to make sure you're not trying to access something beyond the end of the list.

No, the industry consensus is actually that open source tends to be more secure. The reason C++ is a problem is that it's possible, and very easy, to write code that has exploitable bugs. The largest and most relevant type of bug it enables is what's known as a memory safety bug. Elsewhere in this thread I linked this:

https://www.chromium.org/Home/chromium-security/memory-safety/

Which says 70% of exploits in chrome were due to memory safety issues. That page also links to this article, if you want to learn more about what "memory safety" means from a layperson's perspective:

https://alexgaynor.net/2019/aug/12/introduction-to-memory-unsafety-for-vps-of-engineering/

A person that does popular repacks of pirated games - essentially, she takes a pirated game, compresses it as best she can to optimize download size, adds an installer that also handles decompression, and ships it as a new torrent.

Of course! Thanks for the discourse. Makes the world go 'round.

And as I said, if they manage to entirely switch, I won't have reservations.

As far as security in extant browsers and C++, see here: https://www.chromium.org/Home/chromium-security/memory-safety/

The Chromium project finds that around 70% of our serious security bugs are memory safety problems.

It's a serious issue.

Yeah, it was ok when the project started. The issue begins once it transitions from a toy to a potential competitor with Firefox.

Yeah, I know the history. And if they fully switch to Swift and manage decent performance, that would be acceptable, just strange. And it would also be fine to use whatever language if it were only a hobby project. I just reject the notion that C++ is an acceptable choice for new projects in security-critical positions.

The choice of C++ + Swift feels strange and off-putting to me. Swift, at least, is pretty safe as languages go, but does leave me scratching my head a bit. C++, though, frankly should have no place in a new browser project. For a piece of software whose whole purpose is to essentially download and run untrusted code, C++ is unacceptable.

It's realistically not gonna happen, but what I'd really like to see is Servo developed into a full browser.

Giving away conquered territory in hopes of peace is called appeasement. Historically, it doesn't go well.