1
00:00:00,000 --> 00:00:12,160
Welcome to the NGI Zero podcast where we talk to the people who are building the Next Generation

2
00:00:12,160 --> 00:00:13,160
Internet.

3
00:00:13,160 --> 00:00:14,880
I am Ronny Lam.

4
00:00:14,880 --> 00:00:16,840
And I am Tessel Renzenbrink.

5
00:00:16,840 --> 00:00:21,120
We're both from an NLnet, a foundation which supports people who are working on a free

6
00:00:21,120 --> 00:00:23,200
and open internet.

7
00:00:23,200 --> 00:00:25,440
Our guest today is Janneke.

8
00:00:25,440 --> 00:00:32,280
He is a physicist, the co-founder of GNU LilyPond, co-founder of Doe040, the democratic

9
00:00:32,280 --> 00:00:37,280
school in Eindhoven, a Guix developer and founder of GNU Mes.

10
00:00:37,280 --> 00:00:42,480
The GNU Mes project received several NGI Zero grants and that's what we'll be talking

11
00:00:42,480 --> 00:00:43,480
about today.

12
00:00:43,480 --> 00:00:46,880
Hi Janneke, nice to have you here.

13
00:00:46,880 --> 00:00:49,200
Yeah, great to be here.

14
00:00:49,200 --> 00:00:50,200
Thanks for having me.

15
00:00:50,960 --> 00:00:57,320
Okay, we have devised three short questions that would let our listeners know everything

16
00:00:57,320 --> 00:00:59,800
about you if you have answered them.

17
00:00:59,800 --> 00:01:04,000
So everything, everything.

18
00:01:04,000 --> 00:01:05,000
So here we go.

19
00:01:05,000 --> 00:01:08,000
Emacs or Vim?

20
00:01:08,000 --> 00:01:09,920
Emacs.

21
00:01:09,920 --> 00:01:12,200
Star Trek or Star Wars?

22
00:01:12,200 --> 00:01:16,760
Wow, that's a difficult one.

23
00:01:16,760 --> 00:01:20,920
In my youth, Star Trek, now definitely Star Wars.

24
00:01:20,920 --> 00:01:23,320
And the final one.

25
00:01:23,320 --> 00:01:26,320
There is life outside our solar system.

26
00:01:26,320 --> 00:01:28,800
We are alone.

27
00:01:28,800 --> 00:01:33,520
There's life outside our solar system.

28
00:01:33,520 --> 00:01:35,820
Agreed.

29
00:01:35,820 --> 00:01:38,180
So you work on operating systems.

30
00:01:38,180 --> 00:01:41,280
What key issues do you see in this field?

31
00:01:41,280 --> 00:01:43,960
Yeah, that's a good question.

32
00:01:44,160 --> 00:01:49,480
When you say I work on operating systems, I was going, am I doing that?

33
00:01:49,480 --> 00:01:59,440
So in my mind, I'm working on problems that I see in the world, especially when I think

34
00:01:59,440 --> 00:02:02,880
there's an elegant solution for the thing.

35
00:02:02,880 --> 00:02:12,000
So I got involved in GNU Guix, yeah, sort of by chance, because I love Scheme.

36
00:02:12,040 --> 00:02:18,200
I think the world would be a better place if people started using functional programming

37
00:02:18,200 --> 00:02:22,040
more, because that's a real help.

38
00:02:22,040 --> 00:02:29,840
So I got into Guix because I started to use Guile more in my programming.

39
00:02:29,840 --> 00:02:38,080
And I love the idea of, yeah, say the idea behind Guix.

40
00:02:38,160 --> 00:02:46,160
Guix is of course implementing the Nix thesis, which for me boils down to the fact of the

41
00:02:46,160 --> 00:02:54,120
observation that a traditional package management is actually a broken system.

42
00:02:54,120 --> 00:02:55,600
If you're lucky, it works.

43
00:02:55,600 --> 00:03:02,120
And if you put in a lot of hard work, you can get it to almost always work.

44
00:03:02,160 --> 00:03:09,320
But in essence, what you want for a package manager is to describe all the dependencies

45
00:03:09,320 --> 00:03:11,000
that a program has.

46
00:03:11,000 --> 00:03:14,680
That is what Nix does and that was Guix does.

47
00:03:14,680 --> 00:03:21,720
So I love an elegant solution for a problem that people are ignoring.

48
00:03:21,720 --> 00:03:28,080
OK, so that's you describing what you think is important.

49
00:03:28,080 --> 00:03:31,840
And then how does GNU Mes add to that?

50
00:03:32,000 --> 00:03:34,320
How does it contribute?

51
00:03:34,320 --> 00:03:42,200
Yeah, so when I started working on Geeks, I started reading a manual, especially Ludovic

52
00:03:42,200 --> 00:03:47,800
Courtès did a great job of writing a beautiful manual.

53
00:03:47,800 --> 00:03:56,320
But somewhere in the manual, he explains how the packages in Guix are an acyclic directed

54
00:03:56,320 --> 00:04:06,240
graph, their dependencies and that in Guix, and the same goes for Nix, by the way, if

55
00:04:06,240 --> 00:04:13,720
you install or build a package, what you do is philosophically, you build it from source

56
00:04:13,720 --> 00:04:16,600
together with all its dependencies.

57
00:04:16,600 --> 00:04:22,000
And that goes for every package, except for the bootstrap binaries.

58
00:04:22,000 --> 00:04:31,120
And in the manual, I read the text of Ludovic, where he said, well, that last thing, the bootstrap

59
00:04:31,120 --> 00:04:36,480
binaries, we can rebuild them, of course, but they are not built from source.

60
00:04:36,480 --> 00:04:43,120
And that is a problem because they cannot be, they are opaque and they're pretty large

61
00:04:43,120 --> 00:04:45,360
and they cannot be inspected.

62
00:04:45,360 --> 00:04:57,680
So at the same time, when I joined Geeks around 2016 was that there was another project by

63
00:04:57,680 --> 00:05:05,600
Jeremiah Orians, the Stage0 project, where he built a self hosting hex assembler program

64
00:05:05,600 --> 00:05:12,160
in a couple of hundred bytes, I think, three hundred and fifty seven at the time.

65
00:05:12,160 --> 00:05:14,840
And I combined those two those two things.

66
00:05:14,920 --> 00:05:21,080
So the problem we have in Geeks that we trust binaries that we don't build from source and the

67
00:05:21,080 --> 00:05:29,080
inspiration of a 200 and well, 200 or 300 byte program that can build itself.

68
00:05:30,520 --> 00:05:39,160
And my idea was Mes can bridge the gap between an assembly, a simple assembly language and bring

69
00:05:39,160 --> 00:05:45,160
it up to a to Scheme to a high level programming language.

70
00:05:45,160 --> 00:05:47,800
And from there, we can probably bootstrap the whole system.

71
00:05:47,800 --> 00:05:51,800
So that's how I started with that.

72
00:05:51,800 --> 00:06:00,440
So what Mes tries to do is to make software bootstrapable or the Guix system bootstrapable.

73
00:06:01,160 --> 00:06:09,800
So you said you had a binary blob of two hundred fifty three hundred megabytes or something, you said.

74
00:06:10,520 --> 00:06:11,960
And you put it down to?

75
00:06:13,320 --> 00:06:20,520
Ah, no. So the program by Jeremiah Orians was three hundred and fifty seven bytes.

76
00:06:21,880 --> 00:06:24,920
So really small, less than a K, one K.

77
00:06:25,640 --> 00:06:27,800
And that program can build itself.

78
00:06:28,760 --> 00:06:35,080
So that's really on the small kind of range of the spectrum.

79
00:06:35,080 --> 00:06:39,800
And on the other range of the spectrum was the bootstrap binaries that we have in Guix.

80
00:06:40,520 --> 00:06:43,720
Those were two hundred and fifty megabytes.

81
00:06:45,320 --> 00:06:52,200
The traditional distributions use a much larger binary seed, often twice as large.

82
00:06:52,200 --> 00:06:56,120
So half a gigabyte of opaque binaries.

83
00:06:58,120 --> 00:07:04,200
And using Guix, yes, we brought that down from two hundred and fifty megabytes to.

84
00:07:05,240 --> 00:07:11,000
Well, depends on how you're counting the upper limit, is twenty megabytes.

85
00:07:11,000 --> 00:07:17,640
So a factor of ten, an order smaller, because we still depend on stuff, of course.

86
00:07:17,640 --> 00:07:24,440
But we build everything from source, starting from this couple of hundred bytes currently in,

87
00:07:24,440 --> 00:07:25,560
if you install Guix.

88
00:07:26,440 --> 00:07:28,280
Wow, that's that's that's amazing.

89
00:07:29,080 --> 00:07:37,160
I think so, too. I never thought we would achieve actually achieve this in so little time.

90
00:07:37,800 --> 00:07:43,720
And this this three hundred fifty seven bytes, they are assembly?

91
00:07:44,520 --> 00:07:46,840
Yeah, there are there are they it's.

92
00:07:47,320 --> 00:07:56,040
It's a Jeremiah calls it an hex assembler, so it's a custom assembler.

93
00:07:56,040 --> 00:08:00,200
And actually, that is written in machine code.

94
00:08:00,200 --> 00:08:03,160
So it's architecture dependent.

95
00:08:03,160 --> 00:08:07,720
So for every architecture, there's there's another binary.

96
00:08:08,680 --> 00:08:12,360
And it's a real, real simple language.

97
00:08:12,360 --> 00:08:19,240
Simply you enter the bytes, but then an ASCII.

98
00:08:19,240 --> 00:08:20,520
So if you want to.

99
00:08:21,240 --> 00:08:23,160
So you're actually writing machine code.

100
00:08:23,160 --> 00:08:29,880
So you write the instructions, the opcodes and operands simply in numbers.

101
00:08:30,440 --> 00:08:38,120
But there's also a comment mark, a comment character, which is a pound sign.

102
00:08:38,120 --> 00:08:43,240
And you, after that, you manually write which instruction is going to be,

103
00:08:45,960 --> 00:08:47,640
what the instruction actually is.

104
00:08:47,640 --> 00:08:49,480
So you write machine code.

105
00:08:51,400 --> 00:08:57,800
But in that machine code, that program, the hex 0 program can interpret

106
00:08:58,600 --> 00:09:02,920
its ASCII variant and produce a running executable from itself.

107
00:09:02,920 --> 00:09:03,960
So it's self hosting.

108
00:09:04,600 --> 00:09:13,560
Can you take us along a bit and you look at the very beginning, you look at 250 megabytes.

109
00:09:13,560 --> 00:09:17,800
What what kind of steps did you do to to reduce it like this?

110
00:09:19,080 --> 00:09:19,560
Yes.

111
00:09:19,560 --> 00:09:23,880
So the 250 megabytes is...

112
00:09:25,640 --> 00:09:28,680
I first start looking what's what's in there, of course.

113
00:09:28,680 --> 00:09:32,840
So it's the usual suspects is it's gcc.

114
00:09:32,840 --> 00:09:34,200
It's G Libc.

115
00:09:34,920 --> 00:09:47,480
It's binutils stuff like awk and sed and coreutils and tar and gzip, stuff like that.

116
00:09:48,680 --> 00:09:56,280
So I figured what we really need to remove there is gcc, G Libc and binutils.

117
00:09:56,280 --> 00:09:57,960
So I started focusing on that.

118
00:09:58,840 --> 00:10:06,680
So after I got Mes a bit started and it was able to compile a trivial C program,

119
00:10:07,720 --> 00:10:11,320
I asked around on the the Guile user mailing list.

120
00:10:11,320 --> 00:10:13,240
Can somebody help me with this?

121
00:10:13,240 --> 00:10:14,600
I have this idea.

122
00:10:15,240 --> 00:10:23,560
I'd like to build a C compiler in Scheme so that... The idea was that we could build gcc,

123
00:10:23,560 --> 00:10:29,480
G Libc and binutils without using gcc, G Libc and binutils.

124
00:10:29,480 --> 00:10:31,560
So that that was the initial idea.

125
00:10:31,560 --> 00:10:38,520
So we replaced gcc by a smaller C compiler binary.

126
00:10:39,320 --> 00:10:40,280
That was step one.

127
00:10:40,840 --> 00:10:41,880
That was step one.

128
00:10:41,880 --> 00:10:48,920
So Mes is a Scheme interpreter and I just replaced the gcc binary in our bootstrap

129
00:10:49,080 --> 00:10:53,160
binaries by the Mes binary.

130
00:10:53,720 --> 00:10:59,480
But it's a lot smaller than it's two orders of magnitude smaller than gcc.

131
00:11:00,680 --> 00:11:04,680
That's the first thing that I did and I wrote a C compiler in Scheme.

132
00:11:06,280 --> 00:11:12,040
I was wondering if I could compile gcc maybe with that C compiler,

133
00:11:12,040 --> 00:11:17,400
but it's terribly slow and the ccc source code,

134
00:11:17,400 --> 00:11:23,400
even if you look at gcc 1.0, uses pretty funky C.

135
00:11:26,920 --> 00:11:32,520
So we found another smaller C compiler project, which is TinyCC.

136
00:11:34,040 --> 00:11:44,280
TinyCC has an explicit target or goal for what they do is to be able to compile gcc.

137
00:11:45,000 --> 00:11:55,960
And TinyCC is four times smaller than gcc 1.0, so only 20 to 25,000 lines of C code.

138
00:11:56,600 --> 00:12:00,840
And it doesn't use many funky C construct.

139
00:12:00,840 --> 00:12:02,840
It's relatively simple C.

140
00:12:03,400 --> 00:12:04,680
So I focused on that.

141
00:12:05,240 --> 00:12:13,080
And yeah, so the first real milestone was when I was able to compile a working TinyCC using Mes.

142
00:12:13,960 --> 00:12:17,720
And does GNU Mes only work for GNU Guix?

143
00:12:18,440 --> 00:12:21,080
At the moment, sadly, that is the case.

144
00:12:21,640 --> 00:12:24,760
So there's no inherent limitation.

145
00:12:25,720 --> 00:12:35,960
As I write in my blob or blurb of Mes, I'd like Mes to help bootstrapping all

146
00:12:37,080 --> 00:12:42,520
free Linuxes or free Unix distributions even.

147
00:12:43,400 --> 00:12:51,400
But so far, only Guix has adopted the Mes bootstrap path.

148
00:12:52,040 --> 00:12:54,520
Could NixOS, for example, be the next one?

149
00:12:55,240 --> 00:12:56,440
Yeah, I'm hoping.

150
00:12:56,440 --> 00:13:05,000
So about a year ago, I think there's been an effort by Emily, and I forgot her last name,

151
00:13:06,120 --> 00:13:12,440
Emily Trau, who actually got, I think, one or two PRs into Nix.

152
00:13:13,880 --> 00:13:19,800
To build Mes, so to bootstrap Mes using stage0.

153
00:13:19,800 --> 00:13:25,080
So it's already a much more mature path than what I just described.

154
00:13:25,720 --> 00:13:35,080
But as far as I know, the effort of working on a full bootstrap into Nix is currently stalled.

155
00:13:35,080 --> 00:13:41,080
So we talked about this also at FOSDEM this year to see if we can somehow

156
00:13:41,880 --> 00:13:51,320
nudge some Nix developers to help Emily get an NLnet grant and bring this to Nix,

157
00:13:51,960 --> 00:13:55,000
because this really should be the next step, I believe.

158
00:13:55,880 --> 00:13:56,600
Yeah, great.

159
00:13:58,840 --> 00:14:08,760
And maybe for people that maybe may not understand the importance of this,

160
00:14:09,400 --> 00:14:18,600
what is the importance of being able to bootstrap the whole operating system?

161
00:14:19,720 --> 00:14:26,280
Yeah, I think it's very easy to underestimate the importance of it.

162
00:14:27,000 --> 00:14:33,640
I would like to ask the question, we all love free software, and it's,

163
00:14:33,720 --> 00:14:39,320
if you ask the question, why is it important to use free software?

164
00:14:39,320 --> 00:14:45,480
Well, of course, I want to have control over my machine, privacy, being autonomous,

165
00:14:45,480 --> 00:14:51,080
that kind of thing, being able to create a community and build things together.

166
00:14:52,120 --> 00:15:00,280
But can you really speak of a program being free software if you cannot bootstrap it?

167
00:15:01,160 --> 00:15:02,280
That would be my question.

168
00:15:03,640 --> 00:15:11,880
I would argue, but I know that I have plenty of discussions and people disagree with me,

169
00:15:11,880 --> 00:15:13,800
but there are also people who agree.

170
00:15:14,600 --> 00:15:21,720
I would say that if you have a free software program that cannot be bootstrapped,

171
00:15:22,440 --> 00:15:24,440
that it's not free software.

172
00:15:24,440 --> 00:15:27,880
So for me, it would be essential to free software.

173
00:15:28,680 --> 00:15:35,160
So if you cannot inspect the code from the ground up, you cannot trust the operating system?

174
00:15:36,120 --> 00:15:42,840
Yeah, so it boils down to Ken Thompson's Trusting Trust paper, where he shows that

175
00:15:43,640 --> 00:15:53,480
if somehow something in your stack, for example, your C compiler is tainted or compromised,

176
00:15:54,440 --> 00:15:59,640
your whole system, you cannot trust anything of your system.

177
00:15:59,640 --> 00:16:01,640
You have to trust initial binaries.

178
00:16:02,360 --> 00:16:05,880
So you always have to trust something.

179
00:16:05,880 --> 00:16:10,680
There's the hardware and there's other stuff and you cannot inspect all source code by yourself.

180
00:16:11,640 --> 00:16:19,320
But I think it makes sense to reduce the amount of trust that you need as much as possible.

181
00:16:19,960 --> 00:16:21,160
Yeah, yeah, indeed.

182
00:16:21,160 --> 00:16:21,720
Yes.

183
00:16:21,720 --> 00:16:24,440
And this is a great step towards that.

184
00:16:25,320 --> 00:16:26,680
So I would, yeah, thank you.

185
00:16:26,680 --> 00:16:29,800
So I've been playing with the idea,

186
00:16:29,800 --> 00:16:31,640
I haven't announced it yet.

187
00:16:32,440 --> 00:16:34,680
And maybe it's just to stir things up.

188
00:16:34,680 --> 00:16:43,160
But I was thinking about the idea that we have the four software freedoms as published by the FSF,

189
00:16:43,800 --> 00:16:48,120
that we might need a fifth freedom, Freedom Four.

190
00:16:48,120 --> 00:16:53,720
Freedom four, the freedom to bootstrap the program and recreate it bit for bit.

191
00:16:54,360 --> 00:16:59,960
So if a binary is available and you can't build it totally from source,

192
00:17:00,600 --> 00:17:04,760
how would you ever exercise freedom zero to run it as you wish?

193
00:17:05,640 --> 00:17:12,440
Yeah, and I think adding to that, another important thing is if you want to have

194
00:17:12,520 --> 00:17:17,320
true freedom, you want to run this on open hardware.

195
00:17:18,440 --> 00:17:19,080
Yeah.

196
00:17:19,080 --> 00:17:25,400
And so that the hardware can also be inspected at least during build time.

197
00:17:26,840 --> 00:17:34,760
That's why I'm so happy with the effort of Ekaitz Zárraga and Andrius Štikonas,

198
00:17:34,760 --> 00:17:41,560
who've been working for a couple of years now, I think very hard and thankfully sponsored by

199
00:17:41,560 --> 00:17:49,320
an NLnet too on bringing this bootstrap to RISC-V, which could be a big boost for the bootstrap too.

200
00:17:50,120 --> 00:17:51,480
Yeah, yeah, indeed.

201
00:17:51,480 --> 00:17:51,980
Yeah.

202
00:17:53,320 --> 00:17:55,960
So what are the next steps for the project?

203
00:17:56,920 --> 00:17:59,160
Yeah, I've been thinking about that.

204
00:18:00,840 --> 00:18:04,920
And in a way, I've been doing this for eight years now.

205
00:18:04,920 --> 00:18:10,040
And it's always been pretty obvious what the next logical step would be.

206
00:18:11,000 --> 00:18:16,600
And since one and a half years, we now have this bootstrap in Guix.

207
00:18:17,480 --> 00:18:26,520
My idea was and my hope was that when we would show that it would be possible to do because

208
00:18:28,840 --> 00:18:35,800
I've talked to a big sigh, I've talked to a lot of naysayers the past decade.

209
00:18:36,360 --> 00:18:41,000
This cannot be done and if you can do it, why bother, that kind of thing.

210
00:18:41,720 --> 00:18:47,320
I think it's fun and it's essential and it can be done.

211
00:18:47,960 --> 00:18:54,520
So I figured when more people learn about this, they would join

212
00:18:56,360 --> 00:19:03,000
and most work would be taken off of my hands, so to speak.

213
00:19:03,880 --> 00:19:09,640
And of course, we have a technical roadmap.

214
00:19:09,640 --> 00:19:17,240
So currently, the bootstrap uses an ancient version of gcc, gcc 295,

215
00:19:17,960 --> 00:19:27,640
which isn't a big problem because it works, but it only works for 32-bit x86.

216
00:19:28,600 --> 00:19:31,080
So that's where the RISC-V effort comes in.

217
00:19:31,080 --> 00:19:36,920
So we need to get rid of gcc or ancient software, but especially gcc 2.

218
00:19:38,040 --> 00:19:41,080
And there are other things in the bootstrap that we want to clean up.

219
00:19:42,200 --> 00:19:48,840
Currently, we still use some implementation of coreutils in the bootstrap.

220
00:19:51,480 --> 00:19:57,160
We have a Scheme implementation, which is called Gash with its Gash utils,

221
00:19:57,160 --> 00:20:02,120
which we run on the Guile driver of Guix.

222
00:20:02,920 --> 00:20:08,760
That path cannot be used by Nix, of course, because they have no Guile binary.

223
00:20:09,400 --> 00:20:12,120
So we have to get rid of that thing.

224
00:20:12,120 --> 00:20:14,440
We are pretty far there, but that has to be done.

225
00:20:15,240 --> 00:20:17,640
Those are the biggest two technical challenges.

226
00:20:18,920 --> 00:20:24,280
But far more important is to grow the adoption, like we talked about before.

227
00:20:24,760 --> 00:20:29,320
It would be amazing if they got into Nix because that community is,

228
00:20:30,520 --> 00:20:34,520
I think it's 10 times as large, if not bigger than Guix.

229
00:20:36,040 --> 00:20:38,040
It would be great to have this in Debian.

230
00:20:39,320 --> 00:20:45,720
To summarize, the next step for me is not so much technical, but

231
00:20:46,600 --> 00:20:55,240
much more inspirational, getting other communities involved in the importance of bootstrapping.

232
00:20:56,040 --> 00:21:06,120
For example, the people who built G Libc and gcc, or people who build a kernel and decide to add

233
00:21:06,120 --> 00:21:14,280
Rust to it. I would love for them to learn about bootstrapping, to learn about bootstrapping,

234
00:21:14,280 --> 00:21:20,840
to realize how important it is, and to take responsibility for their software to

235
00:21:20,840 --> 00:21:25,800
remain or become fully bootstrappable.

236
00:21:28,600 --> 00:21:36,840
To be honest, we showed that it can be done for a current system that depends on C,

237
00:21:36,840 --> 00:21:40,840
but the world goes very fast and everything is Rustified.

238
00:21:41,720 --> 00:21:47,080
And the bootstrapping community is just too small and will probably

239
00:21:50,280 --> 00:21:54,760
always be too small to carry this burden of making

240
00:21:56,280 --> 00:21:59,640
softwares that have become non-bootstrappable bootstrappable again.

241
00:22:00,200 --> 00:22:04,680
It would be great if it would become a no-brainer for free software.

242
00:22:05,640 --> 00:22:10,280
So if anyone has ideas how to best do that, I'm all ears.

243
00:22:11,720 --> 00:22:15,720
Not off the top of my head, if I'm honest.

244
00:22:18,200 --> 00:22:25,640
Can you tell us something about the community behind GNU Mes and the bootstrappable people?

245
00:22:25,640 --> 00:22:30,200
Yeah, so it's a very friendly community.

246
00:22:30,280 --> 00:22:41,720
I started this effort in 2016, just mailing to the Guile mailing list and the Guile user

247
00:22:41,720 --> 00:22:48,760
mailing list, and Ludovic Courtès has been one of my first supporters, which maybe isn't

248
00:22:48,760 --> 00:22:54,360
so surprising because he wrote in his manual about Guix how important bootstrapping is.

249
00:22:54,440 --> 00:23:00,920
But it's been very important to have, and from other people in the Guile community also,

250
00:23:00,920 --> 00:23:07,320
they didn't really help with the technical work, but they cheered me on in the beginning

251
00:23:07,320 --> 00:23:13,080
and said, yay, go for this, this is great. So that was really great.

252
00:23:13,080 --> 00:23:20,680
And Ricardo Wurmus, also a Guix developer, took it upon him to create a bootstrapping

253
00:23:20,680 --> 00:23:26,680
IRC channel. And initially we were, I think the first year we were with five or ten people on

254
00:23:26,680 --> 00:23:36,280
there and it's grown to, yeah, 100 plus, 120 maybe, even people who are working on bootstrap

255
00:23:36,280 --> 00:23:45,240
relating things or cheering us on. So that's the online community, how it started. So Jeremiah

256
00:23:45,400 --> 00:23:50,360
Orians was in the beginning a big help. We helped each other and coached each other

257
00:23:50,360 --> 00:23:57,160
through our problems. And what was also really great was the reproducible builds community.

258
00:23:57,880 --> 00:24:07,640
I went to the reproducible builds summits in 2017 and 18 and 19, the first two were in Berlin.

259
00:24:07,640 --> 00:24:14,120
And yeah, we got a podium there within the reproducible builds community to start a

260
00:24:14,120 --> 00:24:21,720
bootstrappable subgroup and that a lot of great ideas came from there. So the first things I

261
00:24:21,720 --> 00:24:31,480
actually used was Matt Wette's NYACC or NYACC C parser. So he wrote 

262
00:24:31,480 --> 00:24:40,200
a parser for C in for Guile scheme.

263
00:24:41,160 --> 00:24:49,320
And he helped a bit to make it fit for Mes. So Mes is using Matt Wette's NYACC to parse

264
00:24:50,360 --> 00:24:55,880
C programs such as TinyCC. There wasn't a lot of cooperation in the sense that we,

265
00:24:56,120 --> 00:25:01,320
I wrote a few patches and he wrote some things I think for Mes, but mostly used,

266
00:25:01,320 --> 00:25:08,600
worked on us on our own projects. Same as Jeremiah Orians, but we made it fit together. And

267
00:25:09,800 --> 00:25:19,640
yeah, that was really great. And of course, after some time, Jeremiah proposed to write

268
00:25:20,440 --> 00:25:30,360
M2-Planet, which is a bootstrappable, yeah, sub C compiler. So it is a subset of C.

269
00:25:30,360 --> 00:25:44,280
Some people say I cannot call it C because it breaks some C rules, but it is, when Jeremiah did

270
00:25:44,280 --> 00:25:53,480
that, it allowed me to dumb down the Mes C code base even further so that we could align

271
00:25:54,120 --> 00:26:00,120
or yeah, align our two projects to work together. So I've worked a lot with Jeremia,

272
00:26:00,120 --> 00:26:08,040
which was a big help. And yeah, the past years, more people joined. There's the live bootstrap

273
00:26:09,000 --> 00:26:19,000
project, which implements a bootstrap outside of any distribution, just as a reference implementation.

274
00:26:19,000 --> 00:26:24,920
But yeah, the community has been really great, especially the last year with

275
00:26:24,920 --> 00:26:33,160
Ekaitz and Andrius, where we talk on IRC about all our problems and people just listen

276
00:26:33,800 --> 00:26:42,040
and rubber duck you and help you with the problems, sometimes even debug it. So I guess it helps that

277
00:26:43,640 --> 00:26:49,880
it was a small community and that we achieved what we set out to do. So yeah, it's very friendly.

278
00:26:49,880 --> 00:26:54,520
And without that, I surely would have given up. Yeah.

279
00:26:55,480 --> 00:27:03,000
And just curious, like what do you like most about the project? I mean,

280
00:27:03,960 --> 00:27:11,480
there's got to be something about you to look at a big blob and go like, I'm going to spend years

281
00:27:11,480 --> 00:27:20,840
to just pll it apart. I think it's a very easy project to love from my perspective. So

282
00:27:20,840 --> 00:27:32,280
it's a glaring problem that we have known about since the beginning of the 80s, '83 or '84, I think,

283
00:27:33,080 --> 00:27:40,520
that practically everybody in computing knows about and that everybody has been ignoring.

284
00:27:41,480 --> 00:27:47,960
And that most people agree who look into it, that it really is a big problem and it hasn't been

285
00:27:47,960 --> 00:27:55,080
solved. So, and then especially when we started, there were a lot of people who said it can't be

286
00:27:55,080 --> 00:28:01,720
done. So if you have a big problem and people say it can't be done and someone famous wrote an

287
00:28:01,720 --> 00:28:10,760
article about it 40 years ago, yeah, and it involves writing your software without

288
00:28:11,400 --> 00:28:18,200
many dependencies like we did in the old days. So when I started Mes,

289
00:28:18,200 --> 00:28:24,920
it depended on nothing except for the Linux kernel, so to say. So no frameworks, no full

290
00:28:24,920 --> 00:28:35,320
stack developer nonsense, no JavaScript stuff, just small programs that you can understand,

291
00:28:35,320 --> 00:28:41,960
write yourself and don't depend on much. Yeah, it's an amazing mix, I would say.

292
00:28:43,160 --> 00:28:50,120
Going back to Trusting the Trust problem like Thompson described, I mean,

293
00:28:50,920 --> 00:28:54,360
shouldn't everything be bootstrapped in your vision?

294
00:28:55,240 --> 00:29:03,480
Yes, I think everything should be bootstrapped. Yeah, but why do you ask? What do you

295
00:29:05,640 --> 00:29:11,480
what are you thinking about? Do you doubt that for certain things?

296
00:29:12,520 --> 00:29:21,080
Well, it's not doubt. We are building a trustworthy internet. Yeah. In my perception,

297
00:29:22,200 --> 00:29:31,400
we can only trust things if we can trust what is at the base of those things. And I think, well,

298
00:29:32,120 --> 00:29:38,760
answering my question myself a little bit maybe, if we can bootstrap certain things,

299
00:29:38,760 --> 00:29:48,920
then we can build on those, from those, the rest of course. Yes. So if we can build a

300
00:29:50,040 --> 00:29:59,640
safe C compiler, then we can build trustworthy programs on that safe C compiler and the same

301
00:29:59,640 --> 00:30:07,160
goes for rest of course. Yes, but I would say if you have an application, let's say,

302
00:30:08,280 --> 00:30:16,280
Emacs or Vim, if you built that in Guix with the trusted C compiler that you bootstrapped,

303
00:30:16,280 --> 00:30:22,600
I would say those programs you built, Emacs or Vim, are also bootstrapped. So

304
00:30:23,400 --> 00:30:26,760
in some cases, if you have a program that

305
00:30:29,400 --> 00:30:36,200
doesn't, that's written in C and it only depends on libraries that are written in C that can be

306
00:30:36,200 --> 00:30:44,280
bootstrapped themselves, then the software is also bootstrapped. So for me, one of the problems

307
00:30:44,280 --> 00:30:50,120
arises is when developers start adding dependency cycles to their software,

308
00:30:50,920 --> 00:30:56,520
then it becomes very hard to boot -, if not impossible at that time, to bootstrap it.

309
00:30:57,560 --> 00:31:04,920
And yeah, what do you do? Then you have to go inject a binary. So my idea is that

310
00:31:05,640 --> 00:31:14,200
there's no technical or sound reason to inject untrusted binaries in your software stack.

311
00:31:15,000 --> 00:31:19,640
We've shown that you can bootstrap a system. Let's get rid of all the binary blobs

312
00:31:20,600 --> 00:31:28,760
and all the generated code that is still used here and there. Yeah, couldn't agree more.

313
00:31:29,560 --> 00:31:38,440
And of course, it may have downsides if you want to build everything from source,

314
00:31:38,440 --> 00:31:46,200
it can take a lot of time. So I could imagine that someone would create a trusted base system

315
00:31:46,200 --> 00:31:53,640
where everything is bootstrapped and that system is in some way,

316
00:31:53,960 --> 00:32:08,120
marked as trusted and hashed and everyone can build on that and you don't build it yourself.

317
00:32:09,160 --> 00:32:14,120
But yeah, that's just using a binary substitute for something that bootstrapped. So

318
00:32:15,720 --> 00:32:20,760
I think doing something like that just makes sense. That's essentially what Guix and Nix do

319
00:32:21,240 --> 00:32:28,840
when you install a package anyway. Yeah. You mentioned NGI Zero a couple of times already

320
00:32:30,200 --> 00:32:37,960
in our discussion. How does NGI Zero funding help your project?

321
00:32:38,920 --> 00:32:50,280
Well, that's very easy. I've had funding for at least three or four periods and if I hadn't had

322
00:32:50,280 --> 00:32:57,320
that, I wouldn't have had the time to work on this. So it would really be a hobby project and

323
00:32:57,560 --> 00:33:05,000
it's hard to tell, but it's been in my eyes essential to get this to work. Because as you

324
00:33:05,000 --> 00:33:12,440
said before, where do you get the inspiration or ask before, why do you work on this? Why is

325
00:33:12,440 --> 00:33:19,960
this important or fun? It is  

326
00:33:19,960 --> 00:33:23,720
a big project

327
00:33:25,880 --> 00:33:35,000
and if it drags out too long and yeah, it's easy to lose interest maybe. So

328
00:33:35,800 --> 00:33:46,680
at the perfect time when I thought it was really early stages, I was really surprised

329
00:33:47,240 --> 00:33:56,680
that when I asked for funding and explained why this was important, that NLnet, NGI Zero

330
00:33:58,360 --> 00:34:05,400
immediately understood why it is important and wanted to fund. Also that support, not only

331
00:34:05,400 --> 00:34:11,480
financially, which was very important, but also the support and the understanding and the

332
00:34:11,480 --> 00:34:18,440
acknowledgement that this is important, that went with it, that did really wonders for my project.

333
00:34:18,440 --> 00:34:25,160
So I'm really grateful for this. You're doing amazing and important work.

334
00:34:26,200 --> 00:34:35,240
Well, and I want to return that because you are doing the amazing work and with a

335
00:34:36,200 --> 00:34:44,440
ground laying project, I think. Yeah, thanks. So it's one of the most lovely examples of

336
00:34:45,160 --> 00:34:48,440
how we help each other and bring the world forward. Yeah.

337
00:34:49,560 --> 00:34:56,920
If you had to give advice to people who are now considering to apply for NGI Zero funding,

338
00:34:57,480 --> 00:35:04,680
what would you say to them? I would say do it. I heard from NGI Zero, from Pjotr Prins,

339
00:35:05,560 --> 00:35:12,840
at FOSDEM, I told him about my project or maybe he already knew about it and he said you have to

340
00:35:12,840 --> 00:35:22,440
apply for NGI funding and I said, oh no, I'm never going to do that again. For GNU LilyPond,

341
00:35:22,440 --> 00:35:33,400
Han-Wen and I went through a UI funding application twice, I think.

342
00:35:35,160 --> 00:35:44,200
It wasted months of our lives and it didn't produce anything and yeah, it was all spare time

343
00:35:44,200 --> 00:35:51,160
at that time. So your project stands still for a couple of months, which is terrible and it's not

344
00:35:51,160 --> 00:35:59,720
inspiring work. So I said, I'm never going to do that again and then he said, Pjotr said,

345
00:35:59,720 --> 00:36:05,080
it's really easy but we have to do it now because the deadline is today at 12.

346
00:36:08,600 --> 00:36:18,680
And I can help you write the application. So yeah, we wrote the application and I got funded. So

347
00:36:18,920 --> 00:36:28,680
my advice, we just put in between the two of us, maybe two or three hours of work to make a sound

348
00:36:28,680 --> 00:36:34,120
proposal because it really helps if you know what you're doing and you can explain why your

349
00:36:34,120 --> 00:36:43,640
project is important. But if you do, chances are pretty good that you get funded. So it's a really

350
00:36:44,600 --> 00:36:51,640
lightweight process and it can help your project a lot. So if you're doing something important

351
00:36:52,440 --> 00:36:56,600
for the internet, for freedom or security, go check it out.

352
00:36:57,480 --> 00:37:03,560
I really like the fact that you applied between deciding to apply and applying,

353
00:37:03,560 --> 00:37:05,960
it was two hours or something. That's great.

354
00:37:05,960 --> 00:37:15,480
Great. We're reaching a bit the end of the questions, but I was wondering

355
00:37:16,360 --> 00:37:23,160
if the people who are listening now and they want to contribute to GNU Mes or they maybe want to

356
00:37:24,040 --> 00:37:31,320
help get things more bootstrappable, how can they join? How can they help? What can they do?

357
00:37:31,320 --> 00:37:43,640
Yeah, so we have what they can do. We have an IRC channel, which is hash bootstrappable on LibreNet.

358
00:37:44,600 --> 00:37:50,600
That would be the best thing to join. There's also the bootstrappable mailing list.

359
00:37:51,800 --> 00:38:00,120
I would just say check out the GNU Mes website for that information. And there's also a couple of

360
00:38:01,400 --> 00:38:09,400
pretty nice blog posts on the Guix website about bootstrapping and reproducible builds.

361
00:38:09,400 --> 00:38:17,320
So you get some background in how that all works. So yeah, if you're interested, go check it out and

362
00:38:19,160 --> 00:38:26,760
say hi. Come say hi, send an email or join IRC. I think there's even a Matrix bridge for it.

363
00:38:27,320 --> 00:38:34,120
So yeah, don't hesitate and see if there's anything that you would like to do and can pick up.

364
00:38:34,920 --> 00:38:41,480
There's a lot of work that we still have to do. That's a nice invitation for anybody who's

365
00:38:41,480 --> 00:38:49,240
interested in to have a peek. So that's from our side the question. Is there anything you would

366
00:38:50,200 --> 00:38:55,160
still like to say? Yeah, maybe what I would like to say is

367
00:38:57,480 --> 00:39:06,760
I've been thinking, how did I, you asked this, how did you get involved in this? And I told you I

368
00:39:06,760 --> 00:39:14,520
found Guix. But of course in a past life, I worked on GNU LilyPond. And at some time,

369
00:39:15,480 --> 00:39:23,080
Han-Wen and I decided to work less on that and step back a bit to give other people a chance

370
00:39:23,720 --> 00:39:31,080
and the community to take up. And that's been lovely. But then for a couple of years,

371
00:39:31,640 --> 00:39:36,600
three or four years, I didn't really have a project. And that was really great because

372
00:39:36,760 --> 00:39:46,040
I had a lot of free time. But yeah, there was also a kind of nagging or guilty kind of feeling,

373
00:39:47,000 --> 00:39:54,600
shouldn't I be programming something? But a Music Typesetter is really great. People enjoy that

374
00:39:54,600 --> 00:40:01,640
software. But I was really going, well, I was looking for something important to do, something

375
00:40:01,640 --> 00:40:11,480
that I would enjoy, but also something, I call it a hole in the world. When you look at the world

376
00:40:11,480 --> 00:40:18,440
from some distance and you say, hmm, why there's a big white space here? Why doesn't someone fill it

377
00:40:18,440 --> 00:40:28,040
in? So in that period, I started together with others, I took the initiative for this democratic

378
00:40:28,040 --> 00:40:35,160
school, which was really, I think that's really important. Yeah, if you were into education at

379
00:40:35,160 --> 00:40:46,200
all, or have children look up democratic education and sociocracy. But yeah, I didn't have the time

380
00:40:46,200 --> 00:40:54,120
to really go work on that full time. So that was a fun project, but others took over. And I was still

381
00:40:54,120 --> 00:41:02,360
going, what shall I do? And then I just happened on Guix and found this remark from Ludovic

382
00:41:02,360 --> 00:41:10,120
Courtès in the manual saying, well, I told that before, this is important to reduce this size.

383
00:41:10,120 --> 00:41:16,520
And then there was at the same time, Jeremiah with his stage0 project. And I was going, well,

384
00:41:17,000 --> 00:41:26,040
that's a gap and that's a big white space or gap or hole in the world. So yeah, I guess what I'm

385
00:41:26,040 --> 00:41:36,600
saying is, it really helped me to stop doing what I've been doing for a couple of years, get out of

386
00:41:37,960 --> 00:41:45,960
the treadmill, look back and reflect on what could give you energy and what you think is

387
00:41:45,960 --> 00:41:55,480
important. And some things may just work out. But yeah, you can let that go again. So I did that

388
00:41:55,480 --> 00:42:03,560
with the school, but it's still a very nice thing. And yeah, sometimes it, in my case, it took three

389
00:42:03,560 --> 00:42:12,680
or four years to find something to work on. And I'm very happy that I didn't jump on another project,

390
00:42:12,680 --> 00:42:23,640
but had so much time on me to be bored enough to start this. So yeah.

391
00:42:23,640 --> 00:42:28,520
And then you were completely swallowed by it. So it was good.

392
00:42:28,520 --> 00:42:35,080
Yeah. So I was going, I'm never going to work so hard again as I did on LilyPond. And then,

393
00:42:35,800 --> 00:42:45,240
oh well, here I am doing it again. So, but yeah, it's been great fun. Yeah.

394
00:42:46,840 --> 00:42:55,240
That's great, Janneke. Thank you so much for building all of GNU Mes and also for talking

395
00:42:55,240 --> 00:43:01,960
to us and explaining why and how and all the things it took and who helped along the way.

396
00:43:02,920 --> 00:43:07,400
So thank you very much for talking to us. Yeah, I'm sure I forgot some important names.

397
00:43:09,240 --> 00:43:16,440
The Reproducible Builds community was essential to get bootstrapping going. And yeah,

398
00:43:18,280 --> 00:43:24,920
I want to thank that whole community too, people, everyone who helped.