From mboxrd@z Thu Jan 1 00:00:00 1970 From: Pierre Neidhardt Subject: Re: How to present Guix to a wider audience Date: Tue, 14 Jan 2020 12:23:37 +0100 Message-ID: <874kwyp9hi.fsf@ambrevar.xyz> References: <878smq41kg.fsf@ambrevar.xyz> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:52055) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1irKIT-0001wm-8P for help-guix@gnu.org; Tue, 14 Jan 2020 06:23:48 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1irKIP-0005Re-0h for help-guix@gnu.org; Tue, 14 Jan 2020 06:23:44 -0500 Received: from relay8-d.mail.gandi.net ([217.70.183.201]:37143) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1irKIO-0005Qx-MQ for help-guix@gnu.org; Tue, 14 Jan 2020 06:23:40 -0500 Received: from bababa (lfbn-idf2-1-1340-76.w92-169.abo.wanadoo.fr [92.169.151.76]) (Authenticated sender: mail@ambrevar.xyz) by relay8-d.mail.gandi.net (Postfix) with ESMTPSA id F29C81BF20E for ; Tue, 14 Jan 2020 11:23:37 +0000 (UTC) In-Reply-To: <878smq41kg.fsf@ambrevar.xyz> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+gcggh-help-guix=m.gmane-mx.org@gnu.org Sender: "Help-Guix" To: help-guix@gnu.org --=-=-= Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" --==-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable I just wrote a short draft which hopefully should explain in layman terms why Guix matters. I tried to keep short (< 1000 words) and to stick to non-technical vocabula= ry. Let me know what you think! =2D-=20 Pierre Neidhardt https://ambrevar.xyz/ --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEUPM+LlsMPZAEJKvom9z0l6S7zH8FAl4dpLkACgkQm9z0l6S7 zH+sZQf7B6THKk3GD9jRXHwxBXtkp4SDIyZW+Pc3YHEZbjLDfmKOY23iiy86+beW PE2F4hiPh91dfvLgviw7Kc57lbCr1BlcFTqqITI3fOKblq8G9IOT8412UQQjkri1 h0EGfVVENeIo++fB7S8+PXKG0YQs7GTbuMXKBwLqG7Q2mssO2CWFrpStBMiUTBIY 4UsmakM701M1Z+wAb3Ot/f+lJpdP+AiFFRvOqL4QmkuKFzDDxun+BT3yCEab05p+ zl/6w8vxkZVKqOwN37BOXxU42MldXV4EswZJxJNSmnZDioLfRQsMPZ+EVUSJbE3f cemkU4SI9jBdvbyqfS0uxT4Vf7X93A== =PkkL -----END PGP SIGNATURE----- --==-=-=-- --=-=-= Content-Type: text/x-org Content-Disposition: attachment; filename=guix-why-matters.org #+TITLE: Why Guix matters Have you ever installed an application on a computer, a smartphone or your favourite smart device? Can you trust that it does its job instead of doing the opposite of what it displays on screen or, worse, compromise your data and your private life? How can you know? You might think "Let's use free and open source software!" The bad news: it's far, very far from being enough. This is a hard and yet very real problem that hits our everyday life constantly. Consider this: the digital pictures of our loved ones, banking operations, the (political?) news feed that we read, our contacts and the communication with our friends and colleagues; all of it happens through applications. How can we protect ourselves from deceit? How can we guarantee trust in the machines that we use? First, we need to understand how applications are made. * The assembly line of software Applications are /written/ in the form of /source code/, which is a series of instructions for the computer stored as text files. But the machine cannot read theses files directly: it must first be /compiled/ into /machine code/. The resulting /compiled application/ can then be run by the user. While source code access gives you a pretty high level of transparency and allows you to inspect what the program will do, compiled programs are a practically unreadable sequence of 1 and 0. They are effectively /black boxes/. * Open source is not enough We might be tempted to think that free open source software gives us transparency about what's in the application. While the compiled application we download from the Internet is a black box, we could just compile the source code ourselves and compare the result with the downloaded application, right? If it's identical, then we are good. So why is free, open source software not trustworthy then? Because when you compile the source code twice, chances are that you'll get slightly /different black boxes/. In practice this means that it's almost always impossible to /reproduce/ the exact same compiled application that is offered for download. It's enough that merely one 0 or 1 got flipped for the behaviour of the application to change completely. In other words, if two applications are not identical to the bit, everything can happen and all trust vanishes. This lack of reliability in the compilation of applications comes from the "chaos" in the machine environment: slightly different software used for compilation (e.g. different versions), different hardware, different date... The slightest difference in the compilation environment is susceptible to flip a bit. This is called the /reproduciblity/ problem. * Software is made with software The compiler is also an application that must be compiled, by another compiler, from some source code. The same applies to this other compiler, and so on. It seems to be a chicken and egg problem: can we ever trust any compiler then? It is actually possible: if we go up the chain of compilers far enough, we reach a level where have a trivial "machine level" compiler that can build a simple compiler. This machine-readable file is small enough that it is no longer a black box and can be inspected by humans. The simpler compiler can in turn build a more complex compiler, etc., until we get today's compilers. This is called the /bootstrappability/ problem. * Trust all the way To sum up, we need the following properties in order to be able to trust computer software: - Free and open source software. - Reproducibility. - Bootstrappability. This is only useful it the entire software running on your machine obeys these principles. A single black box on your machine can wreck havoc. In other words, the entire /operating system/ itself must be free and open source software, reproducible and bootstrappable. This is precisely [[https://guix.gnu.org][Guix]]' stated goal: Offer a strong guarantee of reliability and trust. - Reliability: It just works, and more importantly, it will always work. No more unexpected, random behaviour; no more "software erosion." - Trust: Work is in progress to fully /bootstrap/ the software assembly line, which means everything will soon be fully transparent.. What's even more interesting with Guix is the that this novel approach to operating systems gives it great usability benefits: - Unbreakable system and time travel: Have you ever updated a system only to restart it broken or less functional? (Say there was a power cut during the upgrade.) With Guix you keep a history of all previous /states/ of the system, even when you change the configuration manually. If something breaks, you can always go back in time. No more fear of updates or tinkering around with the settings! - Separate multi-user application collections: on a multi-user system, every user can install their favourite applications independently. Applications don't "pollute" the other user sessions. - Multiple versions: Sometimes you'll need an older version of a program (for instance to support an old format or a feature that's gone in a newer version). Guix allows to install multiple versions of the same program in parallel. * Can everyone use Guix? Guix is currently (January 2020) actively developed by a community of programmers from all over the world. It is stable and can be used in a number of settings, from laptop and desktop computers to servers and scientific computing. More work needs to be done in terms of accessibility and easy of use so that the less technically-minded among us can also enjoy Guix some day. Then, hopefully, we will find Guix preinstalled on computers, ready for everyone to use. If you'd like to contribute in some way, feel free to [[https://guix.gnu.org/contact/][reach out to us!]] * References - https://guix.gnu.org: The home page of Guix with blog articles, documentation, videos and more. - https://nixos.org/: The other operating system that targets similar goals. Nix was an inspiration for Guix. - https://en.wikipedia.org/wiki/Backdoor_(computing)#Compiler_backdoors: Compilers can be malicious and create malicious compilers in turn. This is commonly known as the "Thompson attack," as first mentioned in the speech "Reflections on Trusting Trust" by Ken Thompson. - https://reproducible-builds.org/: Technical information on reproducibility. - https://bootstrappable.org/: Technical information on bootstrappability. - https://www.gnu.org/software/mes/: GNU Mes is a project that aims at bootstrapping the main compilers until stage0. - https://savannah.nongnu.org/projects/stage0: The "machine-level" compiler that both readable by machines and humans. --=-=-=--