There’s a lot to be said for the scale of damage that can be done with something, especially relative to the effort needed to do that damage.

These days tech companies are doing enormous damage to people’s brains (saturating our dopamine receptors to the point that many people have depression and executive dysfunction) to turn us all into consumption machines that can only find happiness by consuming content and buying commercial products and services.

Imagine how much more harm they’ll do when they have direct access to our neurons, without even LED pixels as a buffer in between.

This is a very important concern. Tech companies already exert entirely too much power over society through smart phones and their accompanying apps. The damage they would do with direct access to your neurons is incalculable.

The only thing that comforts me is that I firmly expect that society as we know it will entirely collapse before this technology can really be capitalized. It’s not a very comforting expectation, but it somehow bothers me less than the idea of techno-fascist corporate feudal states taking control of everyone’s thoughts.

Probably the most important thing is keeping up with security fixes. I’m not an expert in web security, but my impression is that there’s a never-ending cat and mouse game between hackers and browser developers to find or patch exploits. And since browsers play such an important role in the activity of hundreds of millions… billions?.. of consumers, it has the largest possible attack surface for hackers to target.

Then there’s things like better support for web assembly (how I would love the web dev world to break the JavaScript hegemony), and the constantly shifting web standards that are meant to make websites more capable, easier to program, and more performant. E.g. things like websockets and WebRTC.

I think it’s debatable whether RAII should be called “memory management”. Whether dealing with Rust or modern C++, you don’t need to “manage” the memory beyond specifying a container that will determine its lifecycle behavior, and then you just let it drop.

You could certainly choose to manage it more granularly than that in Rust or C++, but in the vast majority of cases that would be considered bad practice.

That’s a qualitatively different user experience than C or pre-2011 boostless C++ where you actually need to explicitly delete all your heap allocations and manually keep track of which pointers are still valid. Lumping both under “memory management” makes the term so broad that it almost loses its significance.