Admitting Defeat On K&R in LCTHW

I have lost. I am giving up after years of trying to figure out how I can get the message out that the way C has been written since its invention is flawed. Originally I had a section of my book called Deconstructing K&R C. The purpose of the section is to teach people to never assume that their code is correct, or that the code of anyone, no matter how famous, is free of defects. This doesn’t seem to be a revolutionary idea, and to me is just part of how you analyze code for defects and get better at making your own work solid.

Over the years, this one piece of writing has tanked the book and received more criticism and more insults than any other thing I’ve written. Not only that, but the criticisms of this part of the book end up being along the lines of, “You’re right, but you’re wrong that their code is bad.” I cannot fathom how a group of people who are supposedly so intelligent and geared toward rational thought can hold in their head the idea that I can be wrong, and also right at the same time. I’ve had to battle pedants on ##c IRC channels, email chains, comments, and in every case they come up with minor tiny weird little pedantic jabs that require ever more logical modifications to my prose to convince them.

The interesting data point is that before I wrote that part of the book I received positive comments about the book. It was a work in progress so I felt it’d need to be improved for sure. I even setup a bounty at one point to get people to help with that. Sadly, once they were blinded by their own hero worship the tone changed dramatically. I became actually hated. For doing nothing more than trying to teach people how to use an error prone shitty language like C safely. Something I’m pretty good at.

It didn’t matter that most of these detractors admitted to me that they don’t code C anymore, that they don’t teach it, and that they just memorized the standard so they could “help” people. It didn’t matter that I was entirely open to trying to fix things and even offered to pay people bounties to help fix it. It didn’t matter that this could get more people to love C and help others get into programming. All that mattered was I “insulted” their heroes and that means everything I said is permanently broken, never to be deemed worthy ever again.

Frankly, this is the deep dark ugly evil side of programming culture. They talk all day long of how, “We’re all in this together” but if you don’t bow to the great altar of their vast knowledge and beg them for permission to question what they believe you are suddenly the enemy. Programmers consistently go out of their way to set themselves up in positions of power that require others to pay homage to their brilliant ability to memorize standards or know obscure trivia, and will do their very best to destroy anyone who dares question that.

It’s disgusting, and there’s nothing I can do about it. I cannot help old programmers. They are all doomed. Destined to have all the knowledge they accumulated through standards memorization evaporate at the next turn of the worm. They have no interest in questioning the way things are and potentially improving things, or helping teach their craft to others unless that education involves a metric ton of ass kissing to make them feel good. Old programmers are just screwed.

I can’t do anything about their current power over younger new programmers. I can’t prevent the slander by incompetent people who haven’t worked as professional C coders…ever. And I’d rather make the book useful for people who can learn C and how to make it solid than fight a bunch of closed minded conservatives who’s only joy in life is feeling like they know more about a pedantic pathetically small topic like C undefined behavior.

With that in mind, I’m removing the K&R C part of the book and I finally have my new theme. I’ve wanted to rewrite the book but couldn’t figure out how to do it. I was held in limbo because I was personally too attached to something I felt was important, but that I couldn’t advance forward. I now realize this was wrong because it prevented me from teaching many new programmers important skills unrelated to C. Skills in rigor, code analysis, defects, security flaws, and how to learn any programming language.

Now I know that I will make the book a course in writing the best secure C code possible and breaking C code as a way to learn both C and also rigorous programming. I will fill it with pandering to the pedants saying that my humble book is merely a gateway to C and that all should go read K&R C and worship at the feet of the great golden codes held within. I will make it clear that my version of C is limited and odd on purpose because it makes my code safe. I will be sure to mention all of the pedantic things that every pedant demands about NULL pointers on a PDP-11 computer from the 1960s.

And then I will also tell people to never write another C program again. It won’t be obvious. It won’t be outright, but my goal will be to move people right off C onto other languages that are doing it better. Go, Rust, and Swift, come to mind as recent entrants that can handle the majority of tasks that C does now, so I will push people there. I will tell them that their skills at finding defects, and rigorous analysis of C code will pay massive dividends in every language and make learning any other language possible.

But C? C’s dead. It’s the language for old programmers who want to debate section A.6.2 paragraph 4 of the undefined behavior of pointers. Good riddance. I’m going to go learn Go.

UPDATE: I’m going to learn Go, Rust, and Swift. Holy crap. Stop being so religious about who learns what. I learn languages now to teach them to people, not because I plan on using them for anything. Don’t listen to me as a barometer of what’s cool now. Peace.

A Consumer Privacy Law

I’ve had an idea for a privacy law (or policy) that would directly target various privacy invading practices of many companies. The law targets a set of default practices that I’ve observed at several companies which to me are simply basic security failures. I remember one company I worked at had an employee who routinely scanned people’s files looking for juicy bits of information he could view. Other companies have been routinely caught allowing employees completely unfettered access to the accounts of loved ones, ex-girlfriends, and even users with restraining orders against the employee. In addition to this, when caught, these companies feign surprise that this even happens when everyone knows it was probably touted as a perk to employees.

There’s a host of problems that come from companies having complete access to any account they want and there being no way for an account holder to see them. What I propose is a set of policies that put this information in the hands of consumers and then let consumers choose. This set of policies constructs an access log viewable by consumers, and informs them of which companies can view their accounts. The goal is with this information consumers will choose companies that provide better access controls.

Any credentials collecting user interface has to prominently display which companies’ employees could view the credentials or the account.

When I use my phone and access my email, I know that my credentials are not given to my target server. Take an iPhone as the primary example. When I give it the credentials to a private IMAP account, I just know that Apple is collecting these credentials and scanning my email. I know every company is doing this. Users of a login screen have no idea who is seeing the credentials, if those credentials are stored, and who at what companies can see their account after they log in.

To solve the problem, simply display prominently which companies employees can see the account and credentials. Let’s say for example that the mail app on an iPhone proxies my email through an Apple server. The message would then be:

“These credentials accessible to employees of Google and Apple.”

A key component of this is that it cannot be stuffed into a privacy policy document. It has to be displayed right where they log in. Additionally this is for any credentials user interface, which includes Google’s weird collection of Wifi passwords. When you enter your Wifi password, Google has to display:

“These credentials accessible to employees of Google.”

This means that you now know that an employee at Google has the ability to look up your Wifi password, drive a car near your house, and log into your network to packet sniff your data.

Every company has to provide a user interface where an account holder can view the names of each person who has accessed their account, which company that person works for, and the reason for the access.

In the early days of Facebook there were rumors, since confirmed, that employees were stalking members they wanted to date without those members’ knowledge. This eventually led to other repeated privacy affronts until the FTC sued Facebook over them and eventually settled with them. Apparently Google, Twitter, Uber, and nearly every company that has accounts has this same problem. They always allow their employees unrestricted access until they get their ass sued off over it.

Interestingly enough, none of the settlements provide consumers with what they actually deserve which is an ability to see who at the company is snooping on them. If privacy is important, then it stands to reason that knowing who is potentially violating it is an important part of managing your personal security. This will stop stalkers from snooping on ex-girlfriends, employees from snooping on their enemies’ emails, or just basic voyerism that shouldn’t exist in the first place.

However, this part of the policy goes one step further by listing every person and the company they work for. This means if Google gives Ogilvy And Mather access to the traffic data of a million people, then Google has to list all of the Ogilvy employees who viewed that information.

Every company has to provide a statement as to how many people and companies can access an account and under what circumstances they are allowed to access it.

This would be required as part of the user interface that shows recent accesses to an account, and as link or expanded view on the credentials statement during logins. This is simply an estimate of the number of employees, what companies, and how easily they can access that account. If Apple is storing the credentials of my Gmail account, then Apple has to list on my account that both employees of Apple and Google can view my email, how many employees can, and what it takes for them to access it. If only two employees can access my email at Apple, and they need special permission, then I’ll know that. However, if every employee at Apple and Google can read me email without a password, then I’d know that too.

An account holder can provide the names of employees they refuse access to their account, and if those employees gain access the company is fined for every access.

Consumers have a right to explicitly name employees they refuse to have access to their account. This could be for anyone who has to use Google products, but knows that an abusive ex-husband works there, a stalker, or just about any employee they flat out don’t like. The company has to explicitly restrict access to this person, and has to immediately notify the user if they ever gain access.

Once a month, the company must email any account holders who have had a change in their access activity.

This is simply a means of making sure the company is telling the consumers when their account is being accessed. Companies love hiding information from consumers, burying the information in the bottom bowels of privacy statements and footnotes. As long as no employees are routinely accessing consumer information the company won’t have to do much. However, if there’s rampant privacy invasions by employees of users then the users will know about it they can do something about it.

All agents of a company must be identified as such when interacting with any account holder.

A final piece of the puzzle is that employees at a company have to be identified as such when interacting with users. The reason for this is it closes the loop on privacy violations and stalking concerns since an employee could be talking with a user, but also using private information to manipulate them and harass them. However, if you see an employee marked as such talking to you, then you know to immediately go look at your access log and see if they’ve been stalking you.

There’s an additional benefit in that it prevents companies from secretly manipulating their users by pretending to not be agents of the company. The scenario I envision here is where a marketing firm is given access to a large number of users, and then sets up fake users to manipulate their opinion of products. If an agent of a company is talking to me and I see they are labeled as an agent of the company I know they might be shilling.

Law Enforcement

Clearly there is no way we’ll ever get law enforcement to agree to any of the above. I’d say that accesses by law enforcement should be disclosed to the user after any investigations are over, but right, like any of that would happen. Because of this there would need to be provisions that access of a user’s account under the direction of a warrant does not need to be listed to the consumer, but it does need to be logged for later investigations.

Other Sectors

This policy could also be extended to other sectors such as Health Care, Government, Universities, and any organization that stores information on another person. If a random doctor is looking at my medical records then I should know about it. If someone from the IRS is looking at my medical history I should know about that. If a professor is checking out my university enrollment records I should know about it.

However, those organizations are going to be fairly reluctant to enact and kind of policy whereby a user can see who is looking at their information.

Employee Privacy

A small concern would be for employee privacy. If an employee is just doing regular maintenance on my account, at my request, then do I have a right to see their full name? On one side you could throw back the usual defense of, “If they have nothing to hide, then why are they worried about it?” However, I would say that as long as there’s enough information for a consumer to see different people and to question who is accessing their account, then it’d be allowed to hide employee last names or use employee codes. A proposal could be “John T.” as one way to list the name, or “John T. #213434, Google”.


Is this possible? Hell yes it’s possible. There’s nothing radical or onerous about what’s proposed. It’s actually just good security practice at any company to restrict access to accounts. All this does is provide consumers with the information they need to control who has access to their information. Give the consumers information and they will make choices based on what they feel is comfortable. On a technical level though, none of this is crazy hard.

Would it work though? I doubt it. If I were honest, I would say that privacy and security have been so fully eroded in internet culture that even when given this information consumers wouldn’t care. The only time they’d care is if it were an insane amount of abuse that was super obvious. Other than that, I think all the employees at Apple viewing Google email is something that the average consumer just sadly shrugs and accepts. But, it’s worth at least giving them the information they need to make decisions so that at least it’s by their own lack of choice, and not just because they assume a lie is the reality.

Will it ever happen? Aahahahahahahahahahahahaha. Hells no. You seriously think any company today wants to admit that they’ve got employees snooping on users and selling their information to subsidiaries, law enforcement, and marketing companies? You seriously think they want to implement any kind of this? I’m just proposing a total fantasy here, and the chance that some company will have the ethics necessary to do this is incredibly low. If a law like this were even proposed you would see a cash tsunami rain down on Washington DC like it was a Thai fishing village.

I just thought I’d write it up anyway, in case somebody is working on this right now.