You are more than welcome to give up on it. Personally I feel that you can never make code that handles C strings secure. That said, people will still be using them decades from now, and it is possible to give them safer APIs. Discounting everything as "oh it can never be perfect therefore we might as well throw away any efforts to make it better" is not helpful.