This has been in question again lately, so I thought I'd remind you

The ultimate goal of any program is to be as simple as possible. It is much harder to write a simple program than a complex program, but achieving simplicity is the highest calling of the programmer, and we must strive for it.

@sir “If I had more time I would have written a shorter letter”

@sir Agreed. Just like with physical engineering practices, over-complicated and over-engineered solutions tend to be expensive and fragile.

@sir I'd add "while solving 100% of the problem". PGP is (relatively) simple, yet it fails to solve all of the problems that exist with signing, encryption and key management.

@ignaloidas @sir last I read, gnupg is a 1-man tree. It does all PGP does and more, yes? All through 1 person.

@nergal @sir PGP is the standard which GPG implements. And the standard was made by multiple people. It doesn't matter that the implementation is made by a single person.

@ignaloidas @sir the standard, yes. The standard does not dictate the math. Only the quality of the results. What qualifies something to be a standard? Internet Explorer was the standard for browsers.

GPG exists as a compatible, free option. It had to survive through the turmoil of patenting and copyright by doing the math differently. All of that was majorly done by a single person, for more than 2 decades.

@nergal @sir Standard is a set of rules that an implementation must abide to. Internet Explorer was never a standard for browsers, it was a standard browser(notice the difference between standard being a noun and an adjective). GPG did not have to survive through the "turmoil of patenting and copyright ". It implements OpenPGP(notice the "Open". It's patent free). It does not do the "math differently". There is only one equation that defines RSA, and there is nothing much that you can change.

@ignaloidas @nergal the entire purpose of the standard is to dictate the math

@sir how so? As in, the math has to be exactly so to get a reproducible result? So "de facto" standards are not standards? They are just preferred||popular methods? @ignaloidas

@nergal @ignaloidas the math is basically the entire point of crypto. Yes, if you don't implement the same math, you cannot decrypt or encrypt messages properly. And you'll probably introduce vulnerabilities. You have a really warped view on what standards are

@sir @ignaloidas education systems in Jamaica are corrupted by proprietary ideals. It is hard to separate fact from propaganda.

@nergal @sir As in only theese equations result in RSA encryption. It's just an algorythm.

@ignaloidas basic DH. I still have not put this concept to practical use. From whence is this excerpt? @sir

@nergal @sir "An Introduction to Mathematical Cryptography" by J. Hoffstein, J.Pipher and J.H.Silverman. A nice book to start on the core of modern cryptography. Though as often, the advice still stands "Don't push your own crypto to production".

@ignaloidas the kerning and line spacing make for comfortable reading. Seldom encounter textbooks like this. @sir

@nergal @sir Also, this is technically not DH exchange (though it may be used instead of one).

@ignaloidas OK. I see where I missed out on that in history class. I understood it to be PGP → GPG → OpenPGP. THanks for the correction.

In the developing world, Internet Explorer was seen as "the standard" for more over 20 years. If HTML did not function well in Internet Explorer, that was fail. @sir

@nergal @ignaloidas web browsers are a fucking dumpster fire, can we not use them as a metric for judging the proliferation of standards

@sir can you remind that to the most of developers of apps. Sometimes I found myself with some beautiful iu but a messy and hard to understand ux...

@sir The simplest program in the universe, which strips out all unnecessary processing and simply goes straight to the point:

int main() {
fprintf(stderr, "Something probably went wrong.\n");

@alicebun @sir this could be simpler by just using printf() and going to STDOUT than using fprintf() and going to STDERR

@sir @alicebun merely convention, and I've seen plenty of apps that don't do that unfortunately

@sir @coldacid Everything made by a human probably has an error in it somewhere, so just put everything to stderr to be safe.

@alicebun @sir at least one!

Well, we all know that every program has at least one bug and can ban be optimized by one instruction. And we know where that leads :D

@sir "The best system is which doesn't exist, but it's function is performed."

@sir There was a time when efficiency was seeked because of computational constraints. I hope in a renaissance of that pursuit in an age of payed cloud computing, where the constraints are economic instead of computational.

@plknkl @sir I agree, but I also think @sir 's call for simplicity and your call for a return to efficiency are non orthogonal. Both are laudable goals, but I'd argue that there are plenty of times where simplicity comes at the cost of some performance.

@feoh @plknkl I will take simplicity over performance 10 times out of 10. Modern computer programs have abhorrent performance and it's generally attributable to complexity, not the other way aroudn.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!