It'd look like a subset of C where the compiler emits a diagnostic for every undefined behavior that's practical to detect at compile time and inserts code to catch at runtime everything else the standard calls undefined. The first step toward this is what GCC already does for -Wall -Wextra -pedantic -fsanitize=address,undefined. The second step is that a pointer variable doesn't contain a raw address but instead a base address and index, and every dereference of an array member is bounds-checked against the size of the object it came from. This ends up making the language's strict aliasing rule even stricter, and a lot of pointer casts or union puns become undefined and therefore errors. After programmers become accustomed to stricter pointer provenance, a compiler maker can add a concept of ownership, with a borrow checker to detect use-after-free and the like.

If the only programs with permission to escape the language's type system are system libraries signed by the operating system publisher, it isn't "totally useless." It'd be like Java applets, J2ME phone applications, Silverlight applets, XNA games, and Windows Phone 7 applications. Executables for these platforms are in an intermediate representation that lets the loader tell if unsafe was used. If the executable contains unsafe code but isn't signed with the permission to escape the sandbox, the loader raises a security exception. Applications were expected to perform I/O through first-party system libraries signed with this permission. Third parties weren't supposed to be doing "systems programming" on these platforms.

Which is why Google waited several years to brick early Nest and Revolv thermostats: the factory warranty had expired.

Exactly. Gasoline, mains power, and batteries are standardized. So are LTE, 5G NR, and Wi-Fi. Compare what Mike Masnick of Techdirt and other Internet user freedom advocates have called "protocols, not platforms."

Though even if there were no cryptographic lockdown of these "smart" devices' system software to interact only with the vendor's server, one big obstacle to running your own server (with proverbial blackjack and hookers) is that so many Internet providers nowadays block inbound TCP connections. T-Mobile Home Internet, for example, puts subscribers behind carrier-grade network address translation (CGNAT) with the whole neighborhood behind one IPv4 address. Even through IPv6, their gateway appliance offers no port forwarding or DMZ option.

What's the next step after having been rejected by several companies that had posted entry-level positions in your specialty within 10 km of your home?

Given that hiring locally is the rule, how do engineers end up choosing, and affording to move to, a city in which to find their first job after university?

Flying around the country to apply in person costs a lot of money, and I'd be surprised if most recent graduates can afford that plus the minimum student payment on Walmart wages.

"In-person"? How do most companies afford to fly candidates in for an in-person interview?

It'd have to support full-text search by default. Mastodon, last I checked, was still in practice stuck with tags-only search that fails unless both the poster and searcher manage to correctly #GuessTheHashtag. I've read that Mastodon added in version 4.2.0, but I've never got it to work because it's not the default: the posting user has to deliberately seek out how to opt into full-text search before sending posts, and the administrator of the searcher's instance has to spend a lot more money for a much larger VPS with the RAM for Elasticsearch or OpenSearch.

I get the impression that a company like ADP requires that an employer employ at least some minimum number of employees in an area. Otherwise, ADP appears to fall back to printing paper checks for the employer to mail. I don't know the specifics; I just know that I got ADP paper at one job after a bunch of layoffs, and I got ADP paper when I was the only remote worker in a particular state.

In my experience at my last three jobs (in the midwestern USA), small businesses that don't have enough employees in an area have to print and mail paper payroll checks instead of paying their employees through direct deposit.

It seems Warner can't catch a break. Time Warner's financials were in dire straits in 2004 as well with a load of debt from the AOL merger. That time, they paid their debt by selling Dire Straits and the rest of Warner Music Group to Edgar Bronfman Jr.

Among widely available fonts under OFL, GNU GPL for Fonts, or other free licenses, not many of them cover the 2,100-odd Jouyou (regularly used) kanji and 1,000 name kanji that BadDreamer mentioned. It's a lot easier to make a font that covers 100-200 characters from two alphabets, such as Chilanka that covers the Latin and Malayalam scripts in a distinctive and dyslexia-friendly handwritten style, than one that covers 3,000 different kanji made of 600 radicals (as iggymanz mentioned) with manually-tuned slight variations to their shapes to make them fit next to each other in a character.

Exclusive use of kana (Japanese phonetic characters) was common in games for MSX, Famicom, and other 8-bit platforms. The one problem with that is the sheer number of homophones in both Chinese and Japanese, words spoken the same and written differently. Kana normally don't even distinguish which syllable a word is accented on, which would be like writing Chinese without its tones. Yet somehow Korean avoided this and switched from Chinese characters (Hanja) to a suitable phonetic alphabet (Hangul).

I distinctly remember people recommending use of a tablet with external keyboard as a substitute for entry-level subnotebook computers when the latter were discontinued in fourth quarter 2012. This despite that major tablets ship with operating systems locked down not to run the sort of lightweight software development environments that could run on the desktop operating system of a netbook.