Our reptilian overlords are shifting strategy. After a stray buffer overflow crashed one of their saucers, they've begun to reconsider their surveillance policies, which are based on poisoning our programming languages with undefined behavior, leading to the insecure, heisenbug-prone behavior they exploit for monitoring purposes. They've stopped their attempts to salvage C and C++ with fuzz testing, AddressSanitizer, static analysis, and annotations like Clang's thread safety analysis. They were too successful in sabotaging these languages, and their countermeasures have not stemmed the tide. Instead, a new programming language, Rust, has been introduced to our secret programming cabals, designed to strike a better balance between surveillance-enabling bugs and UFO stability.
You can still fight back. Use the unsafe keyword liberally. Continue to avoid fuzz or unit testing. Unsanitized user input can still allow for content injection attacks like XSS and SQLi. Don't use linters, and silence warnings instead of fixing them. Distract your coworkers with lengthy discussions about minor errata instead of pointing out real structural problems in code reviews. Encourage a culture of crunch and fight management instead of working with them to create realistic schedules and deadlines. Reinvent the wheel instead of reusing tested libraries.
Ab uno disce omnes. Long live X-CVE.