"The challenge with Postfix, or with any piece of software, is to update software without introducing problems"
About this Quote
Reliability is the real product here, not features. Venema’s line reads like a mild, commonsense observation, but it’s really a philosophy of engineering with a security researcher’s edge: change is the enemy you willingly invite in. Postfix, his mail transfer agent, sits in the least forgiving part of the internet’s plumbing. If it breaks, email stops; if it leaks, it becomes an attack surface. In that world, “update” isn’t a feel-good verb, it’s a high-stakes intervention.
The phrasing does quiet work. He pairs Postfix with “any piece of software” to generalize without bragging: this isn’t about his project’s quirks, it’s about the structural dilemma of modern computing. Updates are sold culturally as progress - new UI, new capabilities, a fresher version number. Venema reframes them as risk management. The subtext is a critique of the industry’s optimism bias: we act as if shipping is the hard part and patching is a routine chore, when patching is where unintended consequences breed.
It also nods to the “stable vs. secure” paradox practitioners live with. You patch to remove known vulnerabilities, but every patch is a new unknown. That tension is why mature projects value conservative defaults, incremental changes, rigorous regression testing, and the kind of humility that treats users’ uptime as sacred.
Venema’s intent isn’t to scare you off updates; it’s to remind you that the hardest problem in software isn’t invention. It’s stewardship.
The phrasing does quiet work. He pairs Postfix with “any piece of software” to generalize without bragging: this isn’t about his project’s quirks, it’s about the structural dilemma of modern computing. Updates are sold culturally as progress - new UI, new capabilities, a fresher version number. Venema reframes them as risk management. The subtext is a critique of the industry’s optimism bias: we act as if shipping is the hard part and patching is a routine chore, when patching is where unintended consequences breed.
It also nods to the “stable vs. secure” paradox practitioners live with. You patch to remove known vulnerabilities, but every patch is a new unknown. That tension is why mature projects value conservative defaults, incremental changes, rigorous regression testing, and the kind of humility that treats users’ uptime as sacred.
Venema’s intent isn’t to scare you off updates; it’s to remind you that the hardest problem in software isn’t invention. It’s stewardship.
Quote Details
| Topic | Coding & Programming |
|---|
More Quotes by Wietse
Add to List
