Raw Thought

by Aaron Swartz

djb

日本語

I think it’s time to remind people that D. J. Bernstein is the greatest programmer in the history of the world.

First, look only at the objective facts. djb has written two major pieces of system software: a mail server and a DNS server. Both are run by millions of Internet domains. They accomplish all sorts of complicated functions, work under incredibly high loads, and confront no end of unusual situations. And they both run pretty much exactly has Bernstein first wrote them. One bug — one bug! — was found in qmail. A second bug was recently found in djbdns, but you can get a sense of how important it is by the fact that it took people nearly a decade to find it.

No other programmer has this kind of track record. Donald Knuth probably comes closest, but his diary about writing TeX (printed in Literate Programming) shows how he kept finding bugs for years and never expected to be finished, only to get closer and closer (thus the odd version numbering scheme). Not only does no one else have djb’s track record, no one else even comes close.

But far more important are the subjective factors. djb’s programs are some of the greatest works of beauty to be comprehended by the human mind. As with great art, the outline of the code is somehow visually pleasing — there is balance and rhythm and meter that rivals even the best typography. As with great poetry, every character counts — every single one is there because it needs to be. But these programs are not just for being seen or read — like a graceful dancer, they move! And not just as a single dancer either, but a whole choreographed number — processes splitting and moving and recombining at great speeds, around and around again.

But, unlike a dance, this movement has a purpose. They accomplish things that need accomplishing — they find your websites, they ferry your email from place to place. In the most fantastic movies, the routing and sorting of the post office is imagined as a giant endless choreographed dance number. (Imagine, perhaps, “The Office” from Brazil.) But this is no one-time fantasy, this is how your email gets sorted every day.

And the dance is not just there to please human eyes — it is a dance with a purpose. Each of its inner mechanisms is perfectly crafted, using the fewest number of moving parts, accomplishing its task with the most minimal energy. The way jobs are divided and assigned is nothing short of brilliant. The brilliance is not merely linguistic, although it is that too, but contains a kind of elegant mathematical effectiveness, backed by a stream of numbers and equations that show, through pure reason alone, that the movements are provably perfect, a better solution is guaranteed not to exist.

But even all this does not capture his software’s incredible beauty. For djb’s programs are not great machines to be admired from a distance, vast powerhouses of elegant accomplishment. They are also tools meant to be used by man, perfectly fitted to one’s hand. Like a great piece of industrial design, they bring joy to the user every time they are used.

What other field combines all these arts? Language, math, art, design, function. Programming is clearly in a class of its own. And, when it comes to programmers, who even competes with djb? Who else has worked to realize these amazing possibilities? Who else even knows they are there?

Oddly, there are many people who profess to hate djb. Some of this is just the general distaste of genius: djb clearly has a forceful, uncompromising vision, which many misinterpret as arrogance and rudeness. And some of it is the practical man’s disregard for great design: djb’s programs do not work like most programs, for the simple reason that the way most programs work is wrong. But the animosity goes much deeper than that. I do not profess to understand it, but I do honestly suspect at some level it’s people without taste angry and frustrated at the plaudits showered on what they cannot see. Great art always generates its share of mocking detractors.

This is not to say that djb’s work is perfect. There are the bugs, as mentioned before, and the log files, which are nothing if not inelegant, and no doubt djb would make numerous changes were he to write the software again today. But who else is even trying? Who else even knows this is possible? I did not realize what great art in software could be until I read djb. And now I feel dirty reading anything else.

More: You may also be interested in what djb is doing now.

You should follow me on twitter here.

October 19, 2009

Comments

You have obviously never had to admin Qmail on a production system. You mention log files in passing, but this is a seriously issue when debugging issues (which there tends to be lots of).

Yes, there’s patches to get it to do useful things like logging, RBL lookups and LDAP authentucation. However by the time all that’s done, I’m pining for Postfix, or hell, even Sendmail’s M4 config.

From a coding and SMTP perspective, it might well be the greatest thing since sliced bread, but I still break out in a sweat if asked to have a look at one of the Qmail servers on our network.

posted by Niall Donegan on October 19, 2009 #

Bernstein says “I am aware of four bugs in the qmail 1.0 releases”.

http://cr.yp.to/qmail/qmailsec-20071101.pdf

posted by Maciej Ceglowski on October 19, 2009 #

Aaron, thanks for putting into words what has needed to be said. I’ve said these things to people before, but perhaps others will respect your expression more than they have mine.

posted by Dossy Shiobara on October 19, 2009 #

I agree with Aaron, and I ran qmail and djbdns on big production sites (as well as small personal ones) for more than a decade.

Recently, I’ve switched away from both of them…and from djb’s ezmlm.

I switched qmail to postfix, to test a theory that rejection-on-envelope might encourage the dictionary spammers to drop randomname@mydomain.tld from their lists (qmail can bounce or silently discard; bouncing is a waste of time and silent discards suggest that the address is valid, so it should be used again next time). Yes, there are (or were) crufty patches to qmail for envelope rejection, but it just added to my growing feeling that no matter how great qmail was in 1996 (and most of history since then), email is now a rapidly changing environment, and qmail requires more active management than I am willing to commit.

I switched from ezmlm to mailman, which I don’t love, but I do appreciate the ability to offer a web interface that lets not-me manage the lists.

I switched from djbdns to nsd, which I am happy with. I don’t like the zone file format (blame Vixie, I always do), or explicit serial numbers, but I do like simpler SRV records for jabber, etc. I chose it because it isn’t BIND, the code is clean, it has a small footprint, and a few of the root servers run it.

posted by Andrew on October 19, 2009 #

Am I the only one who thinks this is a parody of DJB’s seemingly-constant attitude problem? I don’t know him personally, but almost everything I’ve ever read of his is surly. He is obviously talented, but he seems to suspect he might be the only one who is.

Can anyone find a link where he is excited, or happy, or whimsical?

Nobody on reddit or Hacker News seems to take this entry by aaronsw as a joke.

posted by ja on October 19, 2009 #

I find his piece on Russia to be hilarious. And Dear Ms. Tarzian is nothing if not whimsical. But I do suppose both have to be described as surly.

Personally, I really like people who are different. It’s nice to know there’s more than one way to live.

posted by Aaron Swartz on October 19, 2009 #

As I do not know him, I can’t say I wouldn’t like him. Most of the things he complains about ought to be complained about, and he does a good job documenting them.

He is very interesting, and interesting people make life fun.

But they are also sometimes ripe for parody. I guess not this time, though.

posted by ja on October 19, 2009 #

“… remind people that D. J. Bernstein is the greatest programmer in the history of the world…”

above implies that we knew he was already, no? (if you are reminding me, that means I knew it at one point and forgot …)

wouldn’t it be best just to write a peice that makes note of his contributions and our appreciation of said contributions rather than making him “greatest” or “world champion software guy” or “similar title”?

-g

posted by GF on October 19, 2009 #

“And now I feel dirty reading anything else.”

Really? You actively feel dirty when you read anything else?

Why did you need to close the post with such hyperbole?

posted by arkx on October 19, 2009 #

I was a math major at UIC when djb was a newly minted Assistant Professor, and his personality could only be described as “relentlessly efficient.” This comes through in his Russian conference anecdote just as well as in his code. In person, he is actually quite cheerful, but he does not suffer foolishness gladly.

I’d wager that many of the people above complaining about qmail and djbdns above do not remember what the Internet was like in 1993. I am a reluctant Postfix user now, but I hate it, because I don’t understand it. I defy anyone to create a milter, for example, and claim that that is superior to djb’s more Unix-like design.

posted by Lucas on October 19, 2009 #

arkx: Yes, I do. It’s true.

posted by Aaron Swartz on October 19, 2009 #

If you feel dirty when reading anything else, why didn’t you ever give me suggestions for improvement on my watchdog.net code? It’s not as if I didn’t request it. Or did you not read qmail until after that period?

I agree that the defect-free-ness of the qmail code is an impressive accomplishent, head and shoulders above any other production software I have heard of; and its minimalism is without peer in my experience. I don’t think that’s the only axis of goodness in software, though. You might want to mention Curve25519, Bernstein v. United States, and his successful remote timing attack on software implementations of AES.

posted by Kragen Javier Sitaker on October 19, 2009 #

I thought this article was parody too, but the reason was that I’ve tried to look through djb’s code before and find it utterly incomprehensible in a way that I rarely find anyone else’s working code. I can’t fathom what someone means when they describe it as aesthetically pleasing.

To sort this out, let’s start looking at some. Here’s the main axfr function in djbdns, on google codesearch:

http://ur1.ca/dyas

There are almost no useful comments. The function calls itself with slightly different arguments in order to accomplish different things, which is something that’s easy for computers to understand and very hard for humans to get their heads around. The whole thing looks like it was designed for some almost mechanical — not virtual — machine and then hand-translated in C. The “doit()” function is defined in several different files in the same source tree, so you can’t even refer to it by name unless you’re willing to say “no I mean the axfr doit() function not the tdlookup doit() function”.

So, please: if there’s something to like about the aesthetic of this code, someone tell us what it is. :)

posted by Chris Ball on October 19, 2009 #

Is this post a writing experiment?

posted by Joshua Gay on October 19, 2009 #

Way to mention Salsa20, Chacha, CubeHash and Poly1305-AES.

posted by T on October 19, 2009 #

Re: Chris Ball on axfr function

The function doesn’t call itself with slightly different arguments. There’s only one call to doit in that file and that’s from the main function.

djb uses main() to initialize things and then he usually has a doit() function to do the actual function of the program. There’s nothing confusing about it, not unless you find main() confusing as well.

I think Aaron’s post is a bit lofty, but djb is a true master.

posted by Hallgrimur H. Gunnarsson on October 19, 2009 #

This meme of rediscovering unix is becoming more and more popular.

posted by Dru Nelson on October 19, 2009 #

This is ridiculous. The author is obviously just as insane and arrogant as djb himself. If I had written something of this execrable caliber, I would have no option but suicide to preserve the honor of my family.

posted by Bradley on October 19, 2009 #

aaron> It’s hard to claim I’m new to programming. I did it for over a decade and then retired from it.

What? You did a bit of text mangling and it got used by a lot of people. That doesn’t mean you’ve done any complex programming, or that you have any particular skill.

You’re the Britney Spears of code, gushing about the Amy Winehouse of mail!

posted by steve on October 20, 2009 #

steve: you clearly haven’t used web.py or worked with Aaron.

Assuming the quote is accurate, though, I don’t think a decade is very long.

posted by Kragen Javier Sitaker on October 20, 2009 #

After the first paragraph I assumed this has been written by DJB.

posted by Thomas T on October 20, 2009 #

His piece on Russia mentioned by others just fits into the picture of arrogance. Does he know what hoops people have to jump through when visiting the US? Russia is a poor country. What does he expect from the standard there? (Besides that the US is also not the brightest example in the world.)

I don’t know him. So I can’t tell whether he’s really such an arrogant guy, but he really tries hard to make the impression.

I found a bug in qmail. It was not exploitable but it was a bug. So if I find one, there are more I’m not clever enough to find. But sure: if “exploitable” is an essential part of the definition of “bug”….

posted by Meikel on October 20, 2009 #

Gesh why is everyone fussing… even if this is some weird attempt at an ego-stroke it’s nothing we haven’t seen before :P

posted by CodeJustin on October 20, 2009 #

I for one welcome this tribute to a man unconstrained by engineering notions, unfettered by mere convention.

posted by Fitzharrys on October 20, 2009 #

“One bug — one bug! — was found in qmail.”, said the parrot. There are at least 2 bugs in the default install which prevent qmail from working properly (you may refer to the big-todo patch, and the “oversized” CNAME lookup/reply patch). What’s the point of authoring software when your ego and arrogance prevent you from patching and updating it?

I don’t dislike qmail. I don’t dislike Dan Bernstein. I do, however, dislike the inaccurate portrayal of qmail as the measure of perfection. It’s broken by default, and its logging format is, in my opinion, near useless as compared to other MTAs.

posted by idiocy on October 20, 2009 #

Dear djb — for I will refer to you lovingly by three lowercase letter — Your software is the very essence of perfection, a gently smoldering fiery flame every flicker of which reveals the mysteries of email and DNS and code in general, and so makes me want to write this slathering crapola which has almost singularly invented something I like to call the ‘blogjob’. You’re not a programmer — you’re a pop star! You’re not a software engineer — you’re a god! Your code makes me want to write emails just so they can be surrounded and caressed by your mail server.

You might think I’m unbalanced or, in some way, not putting the job of a programmer into perspective. But you’re wrong! Because finding the ONE, the GREATEST PROGRAMMER IN THE WORLD, is somehow a possible and worthwhile task, and giving you this title means that I might be one step closer to making out with you in the back seat of your 66 Ford Mustang Fastback, or, as I like to call it, the GREATEST CAR IN THE WORLD.

I love you, Fawning Goofball

posted by Lockjaw on October 20, 2009 #

You can also send comments by email.

Name
Site
Email (only used for direct replies)
Comments may be edited for length and content.

Powered by theinfo.org.