Re: Not surprising
Sorry, but singling out "C" as the "biggest mistake in the history of computers" comes across as nothing more than fanatacism. Dumb, dangerous code can be written in all usable computer languages. Newer languages may have more built in range checks at the language level but these most definitely do not prevent stupid and there is no single programming paradigm that is more correct or more universal than others. "C", being a defined standard, was probably the best thing that happened to computers as it facilitated code and skill re-use rather than the previous situation of vendor and system specific languages and code. Copying code has its drawbacks of course, but it is generally considered better to re-use code than rely on individuals recreating the same things time and time again.
Most dumb code is produced either by poor quality or inexperienced developers (usually operating in a poor or non-existent review framework), developers who do not use how to use profiling and checking tools or chose not to use them, or developers working in a financially constrained environment where there is pressure to release code whatever the state in as short a time period as possible. On a lesser pool, the "I'm really clever I write minimalistic code" developers cause a lot of issues as well, but these are usually swamped by the quantity of code produced by others.
I've had to beat so many developers who turn off compiler warnings and hints because "there are so many"... FFS... they are there for a reason. Look at them, learn from them, fix them. There are (rare) occasions when compiler warnings and hints are genuinely false, but on these rare occasions such checks can be turned off and re-enabled and clearly documented as to why this is happening.
In the past I've also had the joyless task of having to to unpick "exceedingly clever" code that featured convoluted 40 operator logic statements and to instead separate them into useful code blocks that was both maintainable and allowed problems to be accurately logged with appropriate error handling rather than anonymous failures.
As previously noted here... Input validation: it's not optional. Validate for expected, unexpected and total nonsense values and handle them appropriately. Trust nothing, especially when it has an external origin and write code that propagates failure cleanly.