

D.J. Bernstein: The Good News Archive - absconditus
http://www.aaronsw.com/weblog/001502

======
absconditus
"I expect this strategy to produce invulnerable computer systems: restructure
programs to put almost all code into extreme sandboxes; eliminate bugs in the
small volume of remaining code. I won’t be satisfied until I’ve put the entire
security industry out of work."

~~~
sketerpot
It sounds incredibly audacious until you consider the number of security holes
discovered in qmail after all these years: one, and it wasn't exploitable on
any existing computer system.

~~~
vog
How much worth is a secure software if it quickly becomes outdated and thus
useless? (at least in its original, secure form)

Qmail is an example of how to success in security, but then fail another way.
DJB never reviewed contributed features, or reimplemented them the
"right/secure way". There was absolutely no plan to evolve Qmail, so it was
unable to fit future requirements.

This catastrophic project management literally provoked forks and patches.
People had to modify the original Qmail to get even basic features such as
SMTP authentiation or integration with spam scanners. Many patches of
questionable quality are flying around, and no official next version of qmail.

So to be fair, we should count the bugs in the _Qmail forks_ (e.g. qmail-ng),
because these are the versions that are actually used.

------
wmf
From 2005. Did DJB deliver this stuff?

~~~
lsc
sort of? see <http://dnscurve.org/> \- but it doesn't entirely address the
same problem as dnssec. DJB looks like he took the parts he could do better
and did them better while leaving key management (which some people claim is
the hard part) to the user.

there was a discussion of it on dns-operations[1] the other day

[1][https://lists.dns-oarc.net/pipermail/dns-
operations/2010-Feb...](https://lists.dns-oarc.net/pipermail/dns-
operations/2010-February/thread.html#5029)

~~~
jeremyw
Decentralizing key management is surely one of the key positions of dnscurve.
In the vein of Templeton's expository on friction-free crypto & TLS.

[http://ideas.4brad.com/overengineering-and-non-deployment-
ss...](http://ideas.4brad.com/overengineering-and-non-deployment-ssl-tls)

Thanks for reposting the OpenDNS news. Had missed it.

------
anr
I'm so glad! He groks security and UNIX extremely well, I find his software a
joy to use.

I know he has several detractors, but that doesn't prevent his ideas to
spread, albeit slowly.

We all stand to gain.

------
ax0n
For all the "you may know about Bernstien because... " stuff at the beginning
of the article, I can't believe "because he's a pretentious, self-important
douche" didn't make the list. And it's not that it's completely and totally
undeserved. The dude is sharp. I just prefer it when people let others pile
the accolades on. And they would come if he didn't toot his own horn so much.
His rants typically leave a bad taste in my mouth. His quotes here are not
exceptions to this rule.

