Seductive Mirage or Allure of Complex, Proprietary Coffee Machines (or Similar White Elephants)

posted by Roy Schestowitz on Aug 09, 2025,
updated Aug 10, 2025

"Originally ‘white elephants’ were simply that – elephants that were white. Later, the expression came to mean ‘a burdensome possession – one that is more trouble than it is worth’. More recently, the term has also been used to describe any doomed enterprise, on which large sums of money are spent and which is then abandoned." -Gary Martin, Phrases.org.uk

There is no "status symbol" (other than cars and homes perhaps, usually bought on loans/mortgages) or an extravagance signal - however shallow and superficial - louder than overpaying for things outside, outdoors, e.g. expensive dining venues/places with overpriced drinks (alcoholic beverages with supposedly "famous" names). Sure, the "super-rich" also have yachts, planes, and dining places of their own (they "eat out" only for photo ops and due to international travel), but forget about those for now. To them, clothes are not enough to impress as there's an "upper bound" on how much clothes cost and the same goes for Jewelries (diamonds and gold are "slush funds" to them). To pretenders (social climbers) and not-so-rich-but-trying-to-look-rich people there are items like "latest iPhone", (alleged) "reading rooms", and maybe "Professional^* Coffee Machines" at home. They want to tell friends about their "lifestyle", even if it's 99% faked. We once had a friend, an operating room nurse, who pretended to be a heart surgeon; he pretended to have "wine-tasting parties", have many homes, and he bought some "massage chair". Some people were (and still are) gullible enough to fall for it. I know some who did. Even relatively well educated people. That says a lot about humans, fearing admission of their own poor judgement or false impressions.

The real cost of all those things (including planes, not just smaller items like "Professional Coffee Machines") isn't the purchasing price. It's the maintenance. Those things are "white elephants" which within years can cost a lot in "parts" (spares aren't produced forever) and necessary repairs. So much can go wrong because there are moving parts and the manufacturers make a lot of money from their monopolies on those parts, which are proprietary and patented (so as to prevent other companies making compatible parts for a decent, fair, reasonable price).

Software is a lot like those things. Companies may think or feel like they get "The Best" with some SAP licence or an IBM server/mainframe. But at what cost? Can they fix things on their own? How often do things break or require 'servicing'? The company that has a contract for those things starts having an actual financial incentive to make those things less reliable (repeat customers, more invoices).

I was reminded of this 3 days ago when a friend's WordPress site started failing for some mysterious reason, maybe a PHP upgrade (done by the server owner or webhost without prior warning). After some investigation it turned out code which worked before just stopped working; it threw silent PHP warnings instead (white screens of death; the host has access to backend logs, so escalation became necessary and a serious overhead/toll).

Complex system are like this. WordPress is an example of a complex system (each new release further complicates both the back end and the front end), as the complexity isn't just in WordPress itself (core), but in underlying (bundled) WordPress dependencies, which import their own array of flaws, not to mention plug-ins and extensions; it is typically combined with a MariaDB database and PHP, set aside the webserver software and a "modern" operating system. Will a site that you run with WordPress run in 10 years without any human intervention? No. Hell no! In the case of my friend's site, he died 2.5 years ago (we were very close since I was a teenager). And I still need to regularly work on that site just to keep it going. WordPress is expensive to maintain; it takes a lot of time. It's basically a "white elephant" of sorts.

We need to get back to a sort of movement which favours simple systems and true modularity, such as UNIX. Generally speaking, complexity leads to security problems, as an associate reminds us, and simplicity is thus a prerequisite for secure systems (that's a topic that has been explored a lot before elsewhere^**).

UNIX has survived a lot longer than Microsoft and Apple^***.

Canonical in its sheer stupidity seems to be on a war against GNU, a 'free UNIX'; it tries to replace GNU (even wget) with Microsoft GitHub. It's insane, but those decisions are made by a young officer from the British Army, whose experience in technology is relatively limited. Ubuntu (and Canonical) will pay for it, if not now then definitely in the long run; all this experimental nonsense and Rust worship may seem "trendy", but who will be left holding the bag? █

_________

^* The so-called 'industrial grade' ones are a lot less expensive than a used car; one can check their prices online and some shops sell theirs in eBay (maybe because they change to another vendor or maybe those are shops that went bust). Almost every Western home can afford one, but for how long? They cost a fortune to service, so each cup served can "cost" like 10 dollars.

^** See the following old and recent articles:

• Why strong cybersecurity means we must reduce complexity | World Economic Forum
• A Plea for Simplicity - Schneier on Security
• “Complexity Is the Worst Enemy of Security”: Studying Cybersecurity Through the Lens of Organizational Complexity - Schneier on Security [PDF] (see comments below)
• Quotable Spaf (quoted below)
• Virtualization explained by Theo de Raadt (quoted below)

Regarding "Complexity Is the Worst Enemy of Security" (above), pay close attention to the opening quote, leading with "complexity is the worst enemy of security..." and note that LLM-generated code is not only complex (thus insecure), it is not understood until a developer invests unreasonable amounts of time and effort into analyzing it, an associate argues, and "thus LLM slop code is by definition insecure, legacy code".

This is from Spaf:

One quote that varies in pertinence cyclically is "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." I used to say this in presentations, but I believe I first put it down in writing in an email to the RAID (Research Advances in Intrusion Detection) workshop program committee in mid-1998.

Theo de Raadt nearly two decades ago (he turned out to be right; it was the same later when containers became all the rage):

You've been smoking something really mind altering, and I think you should share it.

x86 virtualization is about basically placing another nearly full kernel, full of new bugs, on top of a nasty x86 architecture which barely has correct page protection. Then running your operating system on the other side of this brand new pile of shit.

You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can't write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes.

You've seen something on the shelf, and it has all sorts of pretty colours, and you've bought it.

That's all x86 virtualization is.

^*** ESR wrote some sage advice, an associate remarks, "but [it] lacks explanations of why each rule is listed". To quote:

The ‘Unix philosophy’ originated with Ken Thompson's early meditations on how to design a small but capable operating system with a clean service interface. It grew as the Unix culture learned things about how to get maximum leverage out of Thompson's design. It absorbed lessons from many sources along the way.

The Unix philosophy is not a formal design method. It wasn't handed down from the high fastnesses of theoretical computer science as a way to produce theoretically perfect software. Nor is it that perennial executive's mirage, some way to magically extract innovative but reliable software on too short a deadline from unmotivated, badly managed, and underpaid programmers.

The Unix philosophy (like successful folk traditions in other engineering disciplines) is bottom-up, not top-down. It is pragmatic and grounded in experience. It is not to be found in official methods and standards, but rather in the implicit half-reflexive knowledge, the expertise that the Unix culture transmits. It encourages a sense of proportion and skepticism — and shows both by having a sense of (often subversive) humor.

Some "things were obvious to old timers," the associate opines, "but many in gen z have little to no clue" and "there is some good discussion further down in the document", e.g.:

In the early minicomputer days of Unix, this was still a fairly radical idea (machines were a great deal slower and more expensive then). Nowadays, with every development shop and most users (apart from the few modeling nuclear explosions or doing 3D movie animation) awash in cheap machine cycles, it may seem too obvious to need saying.

Somehow, though, practice doesn't seem to have quite caught up with reality. If we took this maxim really seriously throughout software development, most applications would be written in higher-level languages like Perl, Tcl, Python, Java, Lisp and even shell — languages that ease the programmer's burden by doing their own memory management (see [Ravenbrook]).

And indeed this is happening within the Unix world, though outside it most applications shops still seem stuck with the old-school Unix strategy of coding in C (or C++). Later in this book we'll discuss this strategy and its tradeoffs in detail.

There's a lot more in there and it's structured for easy digestion, one key point at a time.