Date: Sat, 3 Feb 2001 13:59:02 +0100 From: Rahul Siddharthan <rsidd@physics.iisc.ernet.in> To: Terry Lambert <tlambert@primenet.com> Cc: j mckitrick <jcm@FreeBSD-uk.eu.org>, freebsd-chat@FreeBSD.ORG Subject: D J Bernstein (was Re: quote about open source) Message-ID: <20010203135902.M94275@lpt.ens.fr> In-Reply-To: <200102022245.PAA15968@usr08.primenet.com>; from tlambert@primenet.com on Fri, Feb 02, 2001 at 10:45:32PM %2B0000 References: <20010202140505.B91552@dogma.freebsd-uk.eu.org> <200102022245.PAA15968@usr08.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Terry Lambert said on Feb 2, 2001 at 22:45:32: > > `The second problem is, and this is my most controversial remark, open > > source is the end of innovation and it's the end of innovation because > > open source can't happen until it's so broadly understood what's going > > on that the innovation has slowed down to incrementalism.'' > > To a large extent, this is true, given the organizational > structure of most large software projects. > > There's very little in FreeBSD and Linux that has not already > been published in the literature a decade or more ago, even > on the "cutting edge" stuff, like SMP, clustering, and threading. > > Most of the innovation in Open Source code is coming from > research outside of the context of the projects themselves. > > I suspect that given any single newly implemented "innovation" > you can name, I can find a literature reference over 5 years > old, and some will be significantly older (perhaps a quarter > century or more, in some cases). With the recent BIND problems, one name that's getting frequently mentioned is that of D J Bernstein.... It seems to me that if any true innovation will come out of the open source world, it will be from someone like him. He seems to be quite a character, though I only know him from his webpage and from the case on crypto exports which he fought some time back. I admit I'm no expert in programming: but his approach to security seems to be an innovation already, like using small independent programs running under their own non-root UIDs, and minimising the number and power of suid programs needed. Looks obvious, but why didn't sendmail and bind get there first? For email, if you're tired of sendmail's problems, there's DJB's qmail and there's postfix, the author of which is another candidate for "open source innovator". FreeBSD's mailing lists use postfix, though it's not part of the base FreeBSD system. The only time I set up a small email server, I used qmail, and it was a dream to configure compared to sendmail and it works like a charm. It seems to power some of the internet's busiest servers too. It hasn't been updated since 1997, but then it hasn't needed updating. So today so many people are worrying about the implications of BIND's holes for the internet's future, and the BIND team is responding by suggesting such crap as paid membership for early security alerts; but back in 1999 DJB actually wrote a bind replacement, and djbdns actually works beautifully, judging by many user reports. DJB has plenty of other ideas on his webpage (http://cr.yp.to) and many of them look pretty innovative to me. He even has his own mail transfer protocol, QMTP, and proposals for other protocols to deal with today's email problems. But the existing standards are quite entrenched, and it's hard to change the world... Rahul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010203135902.M94275>