> C++ is completely unsafe. You can largely trust Javascript code that someone else wrote.

This is an interesting claim since JavaScript runtimes are written in C++. I suppose we do trust them, but only after wrapping them in all the other layers of safety we can get our hands on.

But when you start with that, it's turtles all the way down. Who guarantees that the Rust compiler is correct? Who guarantees that a kernel implements syscalls correctly? Who guarantees that RAM bits don't flip? Their point wasn't about the implementation of JS (which can always be improved), but on the definition of the language.

Ah, but you actually do need to care about all that stuff too if you're going to run code someone else wrote in your browser, or at least if you're a security engineer for that browser. That's how 0-days get you.

It's not a problem for your own programs because you're not trying to hack yourself, but if you're an aggressive enough developer you will find bugs in your compiler. In fact, this is a great reason to have full test coverage.