Re: Yap sometimes hangs making fonts

Jason Earl wrote:
There is a very good reason why I avoid as much as possible registering at Web
sites. Whenever I explain that reason, everyone just glosses over it
or ignores it

We don't just gloss over it or ignore it, we just state that we don't
believe that your bugs are likely to get fixed unless you bring them
up in the correct forum.

That is glossing over or ignoring it. I give a reason why I won't
register at Web sites, and your response isn't to counter that argument
at all but to say "Register at this one anyway, or else!"

Also, who appointed you grand poobah of determining what is "correct"
and what is not? Arrogant and rude language!

[Reiterates his "point", which is in fact *not* a point, since it
doesn't address any of my objections to registration]

No one is defending web sites that force you to register.

Really? (I consider telling someone, modulo wording, to "shut up and
register already" to be tantamount to doing so.)

It is my opinion that these mailing lists serve an important purpose.

It is my opinion that their purpose can be better served, whilst
exposing users to less (and more controllable by them individually)
risk of a breach of privacy (not to mention less spam), by using a
usenet newsgroup, which may or may not be moderated to limit
spam/off-topic blather to the group. Or at least by gatewaying the
list, allowing it to be read, posted to, and archived as a Usenet
group. Then people can participate with munged/bogus email addresses
and dodge the spam, as well as isolate their activities there from
producing any kind of results that spill into other parts of their
lives.

If you have an argument to rebut the above, then by all means, present
it (be civil though, please). If you do not, feel free to shut up now.

It is very hard to receive email from a mailing list that doesn't have
your email address, but I can see your point. You don't want people
to have access to your email address.

It's not even that. I simply want myself, and users generally, to have
the choice not to expose it. And still have access. Usenet provides
that medium. Until people like you finish dismantling it and
balkanizing the net into little separate fiefdoms.

Unfortunately, some people prefer to use email over newsgroups. Just
like it is your right to not participate in a mailing list it is their
right to prefer a mailing list over a newsgroup.

Gatewayed mailing lists, anyone? They've been around since oh, maybe
1970.

It was an honest misunderstanding. I'm a member of a lot of mailing
lists. To me giving my email address out to groups that I would like
to have contact me seems like a natural thing to do.

And, I suppose, so does having the equivalent of several high traffic
usenet groups in your *inbox*. And being deluged with spam.

That's your choice and I respect it. Please respect mine, and site
operators please support those who feel as I do.

No, I don't. I am a firm believer in free speech, but I am not much
of a believer in anonymous free speech.

Read Talley v. State of California sometime. There're other important,
relevent cases that were decided, too.

If you have something worth being said why hide who is saying it.

Well, let's see.
1. To avoid persecution for your possibly unconventional/taboo belief?
2. To encourage your argument be evaluated purely on its own merits,
without the author's identity or history becoming a bone of contention
or other such irrelevancies polluting the proceedings?
3. To ensure your argument or statement can't be reasonably suspected
of having ulterior motives (he's just saying it because it's good PR,
not because he believes it)?
4. To ensure whatever it is is not copyrighted and its reuse or
distribution subsequently limited by law? (Some jurisdictions don't
permit anyone to simply put something they write immediately into the
public domain, so if a writing is attributable to someone, everyone has
to ask their permission to reuse it!)

That's just off the top of my head.

Online, avoiding spam, net.stalking, and so forth all come to mind, and
are related to item 1 above (although spammers don't care what you
wrote, just that you included a contact address of some sort).

I mean seriously, when you post about
a bug in Yap who precisely are you hiding from?

Spammers, for one.

The "man" is using Microsoft Word.

Huh? This appears to be a complete non-sequitur.

I am pretty sure that you can participate in a mailing list with an
anonymous email address, but I see your point.

You still have to read the email at that address. And it will get spam,
because you exposed the address. And, unlike on usenet you didn't get
the choice.

Actually I read both USENET and email in Emacs Gnus. Emacs sorts the
various mailing lists into groups that are basically indistinguishable
from USENET groups. The advantage of the email lists is that only
people that are subscribed can post, which makes it harder (not
easier) for spam to get in.

Actually, that's a disadvantage. It makes censorship easier. Spam on
usenet gets canceled pretty quickly these days. Despammer cancels are
honored even by servers that don't honor most other cancels, and by
Google, apparently (it doesn't seem to archive much usenet spam).
Moderation can be used to block spam also. (See soc.sexuality.general
-- if the moderators start getting personal and censoring someone they
can easily evade it, so ultimately the only thing that can be blocked
is something whose content (rather than author) is objectionable, which
means spam and maybe anything too off-topic.)

If things go wrong, starting over is easier on Usenet.

Another thing about mailing lists -- whatever the interface, every
message uses your bandwidth, interesting or not. Decent usenet
interfaces (and even some awful ones *cough*GG*cough*) send only header
info, and only send the bulk of a message upon request.

And as I noted, the list gets less spam but the individual users get
more because they don't have the choice not to expose their address.

If the list owners insist on only using a list -- no newsgroup, or
gatewayed pair of group and list -- on the grounds of wanting to dodge
spam, I don't have much sympathy for them. Selfishly, they intend to
get less spam at the expense of everyone else using the list getting
more. Which sucks. Basically they want to shove *their* spam into *my*
inbox, is what it boils down to. Why should I simply accept that?

The other advantage of mailing lists is
that I end up with a searchable archive of emails on my hard drive
where they are easy to get at.

What the hell kind of advantage is that? Your archive clutters up your
disk space and you're stuck with Microsoft's crummy Search Assistant to
sort through it all. Versus a usenet group, which you can Google and
which doesn't take up more than an ephemeral amount of disk space for
read/unread/subscribed-group info and temporary data. Add to that that
if you're at work, at the library, at a hotel, whatever, you can't
access this archive, but you can access Google, and without even having
to log on to anything (except perhaps some sort of basic network
access).

(Yeah I know there are Search Assistant alternatives. Let's see now:

* Unix grep (ported, or on actual Unix) -- having to reread the thick,
technical manual each time you want to do a search sucks. So does not
being able to manipulate the result list -- it just scrolls up the
screen and you can maybe capture it to a file to read later, rather
than double click an item to read it in full, drag an item to move it
elsewhere, delete an item directly from the results list UI ...

* Agent ransack -- oft recommended hereabous, but I found that doing a
full-text search of any large set of files results in the process
bloating up to upwards of 1GB(!) and the entire system slowing to an
unusable crawl until the search is completed. Which took no less time
than with Search Assistant, which (amazingly, as it's part of MS
Explorer) doesn't take up anywhere near as much peak-usage RAM or slow
the system down anywhere near as badly for the identical search.

All things considered I feel that a good mailing list is like USENET+,
at least in Emacs.

Emacs, of course, being like a Windows- -- maybe more reliable, but
it's really just a dosshell/unix shell masquerading as an editor, and
unusable without frequent trips to the manual. I found I tended to get
stuck with a task in one window, the help in the other, and unable to
get it into a state where the focus was on the task and the
task-relevant help was in the help pane. To get the focus back to the
task pane after bringing up the relevant help seemed to need browsing
the help, you see, for how to flip windows (needless to say it wasn't
the standard-issue ctrl+tab (for mdi) or even alt+tab) and then of
course I'm back at the task window but with the wrong help displayed!
As far as I can tell, it's just unusable without an actual printed-out
cheat *** (or years of experience that amount to having memorized
said cheat ***). It's a throwback to the office apps of circa 1986,
by God.

Interfaces that rely on memorization are ... ugh. It's like, after
years of being able to see, being struck blind. And at the same time as
moving to a new house with an unfamiliar layout. For ages you have to
feel your way around and keep bumping into things. There's a map in
Braille somewhere, but you have to feel your way to *that* when you
wish to consult it. Maybe eventually you memorize it and can navigate
around the place almost as easily as someone who could actually see
where they were going.

Except that unlike someone who gets struck blind, a user actually has a
choice, and after running into something like emacs, they tend to move
back into their old house. See, it's not like you moved house and were
struck blind. It's like you moved house and the house simply doesn't
have any light fixtures, despite civilization having known how to build
them cheaply as a standard feature for decades!

I imagine the expert user has the equivalent of a flashlight in that
darkened structure.

Oh, and did I mention everything important is in the basement, where
it's pitch-black even at noon?

Actually, most unix tools seem to be built on this sort of philosophy.
A lot of them even throw in a seeing eye dog that understands pidgin
English and barks a large repertoire of error messages at you. A very
literal-minded one. Accomplishing anything amounts to training the dog
to do it and then reading the dog's failure report and trying again ...
rather than directly manipulating the objects yourself.

Some people actually seem to like this. Maybe it's a nostalgia thing? I
dunno. But it's definitely not for everyone.

I suppose everyone is entitled to an opinion. There's little denying
that mailing lists are more popular than newsgroups though. Your
opinion doesn't appear to be particularly popular.

Neither does political awareness generally, or the truth behind 9/11,
or various other things. Doesn't mean the majority are not being
foolish.

That's definitely a concern with many websites. I don't think it's
really a valid concern with the MikTeX people, but that's for you to
decide. I just think that your decision is unfortunate in that it
lowers your chance of having your issue resolved. However, I can
understand not wanting to compromise your principles, even if I don't
share your principles.

Well, this is quite a change from the unreasoning back-and-forths of
the past week or two!

I have a hard time believing that people have a right to one night
stands. Perhaps that's just a bad metaphor.

Perhaps it is. Actually, the key thing is that we're discussing a
relationship with an organization, rather than an individual. I
wholeheartedly agree that individuals in relationships with individuals
should collectively compromise to decide the terms of said
relationship.

On the other hand, I think that when an individual has a relationship
with an organization, the individual must be the sole arbiter of the
terms of that relationship, free to terminate it at any time, and that
where that isn't possible (e.g. they're the government, which you can't
avoid dealing with, at least by any means less drastic than moving to
another country) there must be strict controls (e.g. a constitution and
bill of rights) limiting the organization's actions and binding on it
to protect all the individuals that treat with it in any capacity
whatsoever.

Corporations and other non-governmental organizations tend not to have
bills of rights, and do tend to be self-maximizing. In fact, if any
psychiatrist pretended any such organization was an individual and
"diagnosed" it they'd find it to be a psychopath. Each and every one of
them is a remorseless sociopath, in other words, incapable of pity or
sympathy of any sort, and with no moral compass at all, just a drive to
self-maximize. In for-profit organizations this manifests as every
action being taken solely with the bottom line in mind, heedless of any
effect on the community. Corporations that show some values do so
because it is good PR, not because it is actually part of their nature.

Of course, this isn't to say they are inherently evil; they're just
amoral. Like a dangerous solitary wild animal -- a tiger, say -- they
have no remorse or pity, and nothing akin to a conscience, but they may
play a crucial role in the ecology.

Nonetheless, we should not act like they are all cute and cuddly and
harmless, or fail to call animal control if one starts rampaging around
inside city limits.

Same with the corporations and other large organizations. Users must
arm and defend themselves. They must be able to slam a barred cage door
between themselves and the organization at a moment's notice.

They must be able to make a clean break with an organization at the
time of their choosing -- settle any outstanding bill and walk away
never to be bothered again unless they choose to change their mind.
This must be a fundamental right, with very few exceptions, and those
exceptions (e.g. the government) must all be bound by the sorts of
checks and balances that tend to occur in constitutional democracies
now.

I am not attacking you. I will admit that I have poked a bit of fun
at your belief system, but that's not something I am particularly
proud of. Your principles appear to be consistent, and while I
believe that your fears are somewhat misplaced, I will admit that I
admire someone that follows their principles.

Hrm. Misplaced. We'll see. The way things are going, we'll see quite
soon whose fears were misplaced, and whose were right on the money.

http://www.freedom-to-tinker.com (particularly "the Exxon Valdez of
Privacy", one recent article)

Issues. Category "technology and freedom" may be most relevant, but
privacy and security stuff too.

http://www.gripe2ed.com/scoop/

View from the trenches. How the things debated at the former blog end
up looking to the man in the street when they get implemented.

It does get a little tiring to keep pointing out that your Yap bug
still isn't getting fixed. How about a truce?

Sure.

There is another issue mind you. It's the amazingly nasty reception
I've gotten, just generally.

Let's see what faux-pas I did NOT commit.

I posted some questions -- none of which (as near as I can tell) are in
the FAQ (the one links to which got posted). To be precise, the FAQ
doesn't cover font generation hanging, making command behavior vary
when adjacent to/interrupted by a page break, uneven-looking letter
spacing, easy ways to reconcile packages that conflict, etc...

Despite which, most of these posts resulting in a nasty response along
the lines of "read the FAQ, moron!"

Not only that, the FAQ's location (or even existence) is unobvious to
the newcomer.

To top it off, people keep referring me, for TeX related things, out of
comp.text.tex -- why? There are no other Usenet newsgroups of
reasonably high activity that cover anything TeX that I am aware of.


However, I think that it is unfair to say that the MikTeX folks are
rude or arrogant.

I think that any site not providing a registration-free access path is.

I think that any site that wants users to drop their guard is.

These days you can't take two steps without being reminded (possibly in
an unpleasant way, such as spyware infection, or worse) of how
important it is to be paranoid on the net. We are told over and over:
* Use a firewall. Preferably one that alerts you when applications want
to phone home, as well as blocking outside intrusions.
* Use antivirus.
* Keep antivirus and operating system up to date.
* Use Ad-Aware and Spybot S&D, in tandem.
* Links that look legitimate may not be. Don't trust that something
that looks like it's from, say, your bank, actually is. Especially be
concerned by yourbank.8m.com or .co.uk or similar -- these are easy to
register sub domains, and anyone could have registered it. (Note that
the FAQ links people assumed I'd just trust here were in fact in the
*.co.uk domain tree.)
* Give out information grudgingly, on a need-to-know basis. Be
especially careful with any financial data, bank account numbers,
credit card numbers, and your street address.

And then we go visit some site and it says "We know you're supposed to
be paranoid, but you can trust *us*."

Can you? Surely not every site that asks us to. The bad ones will be
among the first ones to ask to be "just trusted".

So what does a site that asks you to "just trust" them actually intend?

A few are seriously bad.
Many are mostly OK, but there's a greedy marketing department
somewhere, or lawyers that insist that to avoid liability the company
must utterly control every access, or PR types that want strict control
so they can censor any bad press that arises or is referenced in the
forums. Spindoctors, marketers, and lawyers putting the
company/organization first, as they are trained to, but in the process
putting users at more risk, of spam or other unwanted communications,
of censorship, whatever.
And then there are the ones that are actually good, and because of that
they feel that users should trust them -- because they really won't
misuse, even slightly, the data. They maybe even feel insulted (and
others feel insulted on their behalf) when users don't trust them.

I think that last type may be the most dangerous of all. Because they
really are harmless, aside from asking users to trust them. Some users
will, and they won't get burned. And people will learn that they don't
need to be so paranoid on the net. And some day they are staring in
horror at the guy that just cut up their credit card. "I have an
outstanding balance of WHAT?!"

Oops.

The sites that want you to trust them because they have, in fact,
nothing to hide are the ones that will most undermine the important
lessons users have learned over the past few years, which boil down to
"when you're online, trust no-one". If a user slips up at any other
site they'll get a few "special offers" at minimum and think "oops!
momma told me to keep my private info close to my chest ... better be
more careful next time", so the bulk of info-gathering sites, the ones
that misuse it in minor ways, reinforce the lesson without exacting a
big cost. But the sites that really are harmless, if they ask for
personal data, undermine that lesson instead. Because they really can
be trusted. And nobody else can.

I run a website myself. I used to accept anonymous posts, but it
turned out to be a huge hassle, so I turned them off.

Even with a captcha standing guard to keep bots out?

nor do I consider an email address to be "oodles of irrelevant information."

The size of "oodles" varies from site to site. One bit of information
irrelevant to the bug, in this case, but still one too many.

Whatever makes you happy. There are lots of folks that I don't mind
receiving email from. I would just as soon be more accessible than
you wan to be.

Even unsolicited mail from businesses?

On the flip side, I don't really see any reason to hide.

I do. I have seen many reasons. CD Universe was one. ChoicePoint was
another...

Once again, I consider your email address to be critical information
if you are signing up for a mailing list, and I happen to like mailing
lists. You happen to dislike mailing lists.

Participating in a mailing list should not be a requirement of
submitting a bug report. Most of the list will be irrelevant to the bug
report in question. It means having the business end of a firehose
stuck in your inbox as a condition of having your bug report heard, and
the tap turned on.

And that is actually assuming that no misuse happens whatsoever and the
archives miraculously go unharvested by bots, with (also miraculously)
no spammers having signed up to the list not to post spam (which would
get them immediately thrown off it) but to silently gather addresses.

Once again, I get your slippery slope argument, but you've gone off
track. While it is fine to refuse to hand out your email address on
principle, it is not fine to slander the MikTeX project. They don't
have a "six page form" to sign up for the mailing list, they have no
marketing department, and you have absolutely no knowledge of people
"lurking in the shadows hungry for fresh victims to spam."

This one specific bunch may not, but they aren't the only bunch out
there clamoring for my email address, and if I trusted every place that
said they were harmless and asked for it ... well, you get the picture.

How do I know? I truly doubt MiKTeX's group would misuse my
information. But I also don't doubt there are groups out there that
would, and that well-intentioned ones still sometimes accidentally leak
information. And they probably have their own advocates out on the
street countering any suggestion that they might not be on the
up-and-up with their use of the information they request. And yes,
those advocates probably also accuse anyone who expresses suspicion of
slandering them.

Are you grass roots, or are you astroturf? How do I tell? How do I
decide whether I can trust an organization with my personal bona fides?
How about I don't -- I trust no-one. Because MiKTeX isn't the only
group out there. Because anyone can pretend to be MiKTeX. Because even
a well-intentioned group like MiKTeX may slip up and expose information
to outsiders, purely by accident.

Here's the deal. Just like the MikTeX people can't convince you to
sign up for their mailing list, you can convince everyone to use
USENET instead of mailing lists. It simply isn't going to happen.

That's why God invented "gatewayed lists" -- best of both worlds.
People who want an uncluttered email and control over who gets their
address can use the usenet half. People who want email can use the
mailing-list half. Everybody wins -- well, except the spammers and
their ilk. They lose, relative to list-only.

May I assume that anyone who opposes gatewaying a list is therefore
either a) an idiot or b) a spammer?

Even sites where actual money changes hands don't need anywhere near
as much information as they insist upon. Ebay could ask for nothing
but a username, password, and numbered Swiss account for
example. They insist on gobs and gobs of personal information
instead, and on being able to dog your heels. Their little bull
terrier Paypal is even worse, so notorious they have not one but
*three* foobarsucks.com style antisites targeted at, and solely at,
them. This makes it impossible to establish a business relationship
(either with them, or with anyone else via them) and cleanly break
it off at a later date if you decide it isn't working out.

I am definitely not a fan of anonymity when money is involved.

Maybe, but money isn't involved here. Of course, when money is involved
a company should be able to hang on until the bill is settled. After
that point you should be able to tell them "leave me alone" and be left
alone by them, however; also if there never was any bill to settle
because you never bought anything from them, or anything of the sort.

There are already plenty of articles that require you to be logged in
before changing. Perhaps you should fly your flag at quarter mast for
now.

They say they do that with controversial articles during a war/spree of
vandalism, and the main page and (temporarily) stuff linked directly
from there. Often only admins can edit. But that's it.

No, I am saying that you *do* have to register to submit bug reports.

And I am saying that you shouldn't have to.

However, the real answer is that I simply have a different set of
values when it comes to email address privacy than you do.

Unfortunately, you and those you represent don't seem to want to
accomodate anyone who doesn't share your view on the matter.

I'm not concerned about spam on mailing lists. I'm concerned about
spam in my fucking inbox. Which increases with every increase in
exposure of my email address. And for obvious reasons, unlike on
usenet on a mailing list you can't mung it or use one that's
out-and-out phony.

I fail to see the difference. Wading through spam on USENET is
remarkably similar to wading through potential spam on a mailing
list. As I said before, I use essentially the same interface for both
email and news and there is no question that USENET has more crap on
it than your average mailing list.

OK, let's clarify this. There are two sets of spam:
* Spam in the forum itself (mailing list or usenet)
* Spam in your inbox but not in the forum.

Now a usenet group gets a trickle of the former -- the cancelbunnies
keep it down to a low hiss nowadays; used to be a low roar. A moderated
one or a mailing list gets practically none.

As for the latter, to avoid it you must mung (or even not have) a valid
email address in your postings. On Usenet that is possible. On a
mailing list, unless it is gatewayed and you post via the usenet group,
it is not possible. Even if the list is not archived, or addresses are
munged or elided in the archives.

The reason is simple: your (real, unmunged) email address is exposed to
all of the participants. And one of them can be a spammer. Not for long
if they post a spam to the list, of course. But what if they just lurk?
What if a spammer signs a bot up to a list, one that doesn't do
anything but harvest addresses from the incoming messages and generates
no outgoing?

Oops. Didn't think of that one, did you. But I did. And you can bet the
spammers did, too, and have been doing this for years on all kinds of
mailing lists.

A gateway may be the ideal solution. People who want the list format,
and are willing to accept the spam increase, can still have it. They
can still have the same minimum exposure (solely to lurking harvester
bots that sign onto the list) if the gateway mungs or removes email
addresses when it posts list messages to the newsgroup.

And users can control exposure absolutely by using only the newsgroup
half. Use a truly-invalid address and none of the participants (nor the
operator) have your address to possibly leak or misuse. Use a merely
munged one and bot harvesting becomes a non-issue, though misuse or
leakage by a live human being remains possible.

This has nothing to do with MikTeX.

It's called "topic drift". If you don't like it, get out of usenet and
stick to your cozy cloistered regimented centrally-controlled moderated
mailing lists.

You know what? I think the real beef here is simply that you are an
authoritarian and I am more of a libertarian ... and that automatically
puts us at odds.

Hmm... If that's the case maybe I should rethink putting my email
address on my business cards. Clearly handing out my email address is
a much more dangerous action than I thought.

As a PR action it actually makes perfect sense -- but spam goes with
the territory. Fortunately, printed business cards aren't yet
susceptible to bot address harvesting.

.