It's difficult, because "embedded not networked" is an environment where security risks are low, but "embedded networked" is a really nasty environment of haunted routers and abandoned IoT devices.

Is it acceptable to risk buffer overruns on the HTTP server running on an insulin pump?

Mostly because you often get shipped half-broken pile of C-based SDK as your blessed environment.

Not because there's no other options (and long before Rust had its name coined)

Well, yes. I'm more focusing on user space applications here. This is why that nuance post would have to be so long. People here would probably misconstrue it to be that I want to "kill C" though. That's part of the reason why I haven't written it yet lol

I agree. I regularly use Rust on embedded devices and what many advocates like to leave out is that you're just using regular old C under the hood anyway. It's bindings all the way down.