Code has to be simplified until it becomes absolutely correct

Published on 2021-02-16.

systemd is an example of the extreme manifestation of low quality software in the area of system programming. This is because complexity is a very important factor that controls both the creation and defeat of errors, including security related errors.

In the past programmers where forced to create simple and efficient programs because of hardware limitations, and I remember the time when programmers even on consumer hardware like the Commodore 64 had to squeeze every bit of performance out of the box by constantly improving and simplifying programs.

If there is one thing that is the most destructive and damaging factor with regard to security, then it is complexity.

Once the code becomes simple enough, it is possible to even reach a level of safety where you can guaranty that no security bugs or errors exist in the code.

If we assume that no security bugs are injected by malicious programmers, then security issues, like other issues, are errors in code introduced by programmers by mistake. This means that the complexity of a program deeply affect the number of mistakes. This also means that one very important goal is to make code as simple as possible, until it becomes absolutely and obviously correct.

One of the most damaging ideas that exists in the software industry is the idea that software efficiency and correctness is irrelevant, at that the solution is to always throw more hardware at the problem because hardware is cheap. This idea has made programmers both sloppy and lazy.

If you want to really understand this issue in more depth, especially in relation to systemd, and if you also want to understand why the "Unix Philosophy" is perhaps more relevant than ever, I highly recommend the free book Unix Philosophy 2020 by Casper Ti. Vector.