Litany Against Software Dogma

The code is not me and I’m not the code.
I will look past the code in order to see the real problem.
And only when I’ve seen it shall I write code to solve it.
I’m not the code and the code is not me.
I will leave only the problem and solution for my successor.

Bad Sides of Nerd Culture

Some nerds pride themselves on deep thinking but I think this is the equivalent of being a fashionista in nerd culture. It’s just as much about territorial signaling as anything else. So in that sense nerd culture is just as perverse as the fashion industry in terms of what it values. This is especially prevalent among programmers where “deep thinking” is used as cover for psychological bullying and status jockeying. Security professionals and free software advocates are notorious for using these kinds of tactics.

Berating pragmatic approaches to security and closed source software without trying to empathize with someone who makes those choices is a nice way to surround oneself with a toxic clout of superiority.

The thing to notice here is that these tactics are negatively self-reinforcing. Any sane person eventually stops listening once the veneer of superiority starts to chip away. This leaves the group in an even more toxic state and virtually guarantees the group will eventually become a cult and die out from sequestration. So the group accomplishes none of what it wanted to and in many ways makes it harder for those that follow to associate themselves with the better ideals of what the non-toxic group stood for, i.e. educating people on better security and software licensing practices.

Dynamics, Aliasing, and Projection in Theory Space

constructing theories from “projections”

The comments on that twitter thread don’t do a good enough job of explaining what is going on in that picture and why it’s more meaningful than appears at first sight and thought.

Continue reading

Non-Argument Against Formal Methods

The cost/benefit tradeoff just can’t be solved for formal methods. There are far cheaper (in time, effort and financial cost) ways to write code with low enough incidences of bugs which are just more practical in almost all cases. Not to mention the fact that if you are manually implementing the code, someone can still just introduce bugs, and if you’re automatically generating the code, there can be bugs in that code generator, or if you’re using an automated verifier ther could be bugs in that. At some point a human had to write some code that can’t be proven to be “correct”.
Formal methods seem great for mathematicians and lousy for everyone who wants to make something productive in a reasonable time frame.

I call this a “goal post” argument and the argument strategy is about drawing an arbitrary boundary that something must be beyond to be valid. In this case the argument is about “trust” but if you break it down you notice it makes absolutely no sense. The author of that comment clearly “trusts” the hardware/CPU running their software. But, if they trust the hardware/CPU then they implicitly trust whatever process created the CPU and the process used to make the CPU was more people and software. So the whole argument collapses and they must trust the software. It’s circular reasoning in another guise.

What, Why, and How of Formal Methods


Now that I’m one of the organizer of the formal methods meetup it has become a bit more clear why most programmers are not familiar with the general landscape of formal methods. It’s mostly a lack of awareness about what is available out there so to help fill in the awareness gap this post is meant to serve as a brief introduction to some of the vocabulary and high level concepts of formal methods.

This post consists of 3 main sections. 1st is about the general concepts and high level classification(s) of formal methods. 2nd is about why we should care about formal methods in software engineering. 3rd is about concrete applications of formal methods and some pointers for how to apply them in day to day software engineering.

Continue reading


Here are rules for a new game. Here is how it compares to some old games and some of the benefits and drawbacks. Here is why you should play and other similar games that you might like.

If you try to change the rules then existing players will treat you with extreme prejudice and strongly (potentially violently) recommend you play some other game.

All games are inherently mutable and meta-games are what keep them “stable”. Somewhat unsurprisingly, no one understands the meta-game logic and all players follow meta-game rules implicitly. Meta-game rules are only ever broken by accident. Cosmic bit flips, if you will, are inevitable.

There is strong suspicion there is more than one meta-game.

There is also strong suspicion meta-game rules are immutable so changing meta-games requires simultaneously changing all the rules which makes it a much bigger discontinuous change than just changing a single rule in a regular game.

In the presence of rigid meta-games it’s easy to imagine why regular games would be an obvious way to experiment with potential meta-game swaps. Meta-players would want reasonable assurance their game changes were “beneficial” to them according to some metric.

Most reasonable game players eventually conclude meta-games and meta-players must exist but it’s hard to know for sure because some reasonable players are willing to admit meta-games without meta-players.

Functions aren’t ready for Assembly

Inspired by

In the distance, a gradual roar begins to grow in volume. A dust cloud is visible over the horizon. As it nears, the shouts of the oncoming angry mob can be heard. Suddenly, it stops, and a brief silence ensues. Then the air is filled with the clacking of hundreds of keyboards, angrily typing the owner’s opinion about functions, calling conventions, and Assembly. The clans of Algol, Cobol, Fortan, C, Forth, Lisp, and more – usually mortal enemies – have combined forces to fight in what may become one of the greatest flamewars of our time. And none of them read more than the title of this article before writing their comment.

Continue reading