[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: tmda (was Re: Attach filter)



on Thu, Jul 08, 2004 at 09:19:01PM -0600, Monique Y. Mudama (spam@bounceswoosh.org) wrote:
> On 2004-07-08, Karsten M. Self penned:
> >
> >
> > Jason Mastaler accepts criticism so graciously he's banned me from any
> > mail access to his domain.  Go figure.  That's adult, open, honest,
> > and principled.
> 
> Maybe because you've repeatedly proven yourself incapable of holding up
> your end of a civilized conversation on his mailing list?  

Pardon?

My first bug report on TMDA resulted in the package maintainer bluffing
that I be stripped of BTS privileges and a brief post to the TMDA user
list entitled "k00k's rant":

    http://mla.libertine.org/tmda-workers/2003-08/msg00142.html


I accepted an invitation to call someone arrogant, and satisfied the
request.  Perhaps not the top of social graces...

    http://mla.libertine.org/tmda-users/2003-09/msg00190.html


...but I'm not the only one seeing that light:

    http://mla.libertine.org/tmda-users/2003-09/msg00271.html



Germane questions and challenges were met by such rigorous technical
responses as "Stop acting like a prat", "[Jason, ] Are you going to kick
abusive evangelists like Karsten...from the list?", "knowing it's people
like Karsten that get pissed off because of C/R, somehow I like the idea
of C/R even better now", "You should have perished in the abortion your
mother wanted to have. FOAD."

    http://mla.libertine.org/tmda-users/2003-09/msg00244.html
    http://mla.libertine.org/tmda-users/2003-09/msg00261.html
    http://mla.libertine.org/tmda-users/2003-09/msg00264.html
    http://mla.libertine.org/tmda-users/2003-09/msg00269.html

Oh, and my response to that last, just for the record:

    http://mla.libertine.org/tmda-users/2003-09/msg00269.html


Yeah, I guess it was all me, Monique.   Your intuition is just so right
there.


Jason tipped his hand early at that point as he has later.  Criticism
isn't brooked.  Censorship, of course, is:

    http://mla.libertine.org/tmda-users/2003-09/msg00291.html

...in fact, he halted the entire list that time:

    http://mla.libertine.org/tmda-users/2003-09/msg00304.html


> Having seen your behavior on that very public forum, I can only
> imagine what you've said to him in private.

You like launching attacks from a position of near-zero information,
don't you.  Doesn't do much for your credibility.  Peace, baby.


Lessee....  I think I've directly mailed Jason about four times (going
through archives now).   You're welcome to check this with Jason, if you
wish.


I'm snipping Mastaler's portion of these dialogs as they're his comments
made in private communications.  I'm paraphrasing for continuity, trying
to reflect his general meaning.  Mastaler's language generally wasn't
aggressive (he's more the passive-aggressive type it would seem).

Initial off-list post to Jason, responding to my subscribing to
TMDA-users.  This being before I posted anything to list:

    [Noticed your list subscription, I've seen your rants and
    bugreport.  You're entitled to your opinion, but don't be a
    hellraiser.]

    NP.

    I'm looking for answers to questions regarding TMDA and other C-R
    schemes.

    I am fairly convinced that there are no technical solutions to the
    problems encountered.  However, I have enough intellectual honesty
    that I seek to write from an informed, rather than uninformed
    viewpoint.

    I've found that this appears to be a trait lacking among a number of
    C-R proponents.  Alan Connor (debian-user list) I'll write off as a
    nutcase.  Adam McKenna's response ("if you change the severity back
    to grave...your ability to use the BTS will be taken away"[1], and
    "My time is billed at $150 per hour") was particularly
    disheartening.  On the other hand, Kyle Hasselbach has been both
    fair and honest.  I don't think I've changed his mind, but we've had
    a good correspondence both at K5 and privately.

    C-R strikes me as fundamentally wrong.  Misguided, understandable
    intentions, but wrong.  What I'm trying to ensure is that my
    criticisms are valid.  And, to the extent that there are technical
    fixes, that these are implemented.

    As for why the broad-brush treatment:  C-R is to an extent like
    spam.  There _are_ the (very occasional) interesting and useful
    products advertised by spam.  This doesn't make spam useful.  It's
    the abuse or poor design of 99.998% of spam that makes the 4
    messages per year I might actually appreciate untenable.  Moreover:
    the mechanisms I have for dealing with the 19,996 are going to
    shitcan those four as well.


    Coming from another perspective:  y'all have already intruded on my
    inbox with unwanted mail.  Honesty says that turnabout is fair play.

    The question is:  are you honest.

    Peace

    --------------------
    Notes:

    1.  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=207300


And responding to his followup.

    Jason:
    
    To save yourself formulating a reply, read the end of this email first.
    
    
    
    on Wed, Aug 27, 2003 at 05:30:02PM -0600, Jason R. Mastaler (jason@mastaler.com) wrote:
    > "Karsten M. Self" <kmself@ix.netcom.com> writes:
    > 
    > > I'm looking for answers to questions regarding TMDA and other C-R
    > > schemes.
    > 
    > [If you know what you're talking about and are reasonable things
    > should be OK]
    
    I suppose we'll find out.
    
    
    
    > > I am fairly convinced that there are no technical solutions to the
    > > problems encountered.  However, I have enough intellectual honesty
    > > that I seek to write from an informed, rather than uninformed
    > > viewpoint.
    
    > [Your reputation preceeds you (see 'k00k' above -KMS).  Your
    > comments don't apply to TMDA, you're overgeneralizing.]
    
    For the C-R component of TMDA, the generalization is unavoidable, as a
    C-R system is wholly dependent on the response of others to it.  In
    other words, social response is a mandetory and exogenous component of
    the system.  If people cease responding to C-R challenges, or filter
    them as spam, they will lose their usefulness.  This is one integral
    complaint against TMDA.  Unfortunately, poorly designed systems hurt
    you, through "boy who cried 'Wolf!'" problem.
    
    The other principal complaint is #3 in my list.  This is the basis of my
    filing a 'grave' bug in the Debian BTS.  TMDA (in C-R mode), and other
    C-R systems, allow unauthorized use of systems on which they are
    installed, based on unvalidated inputs.
    
    From the tmda-users list archives, in fact a post of yours:
    
        TMDA will send no more than 50 auto-responses (configurable) to the
        same address in one day.
    
        http://mla.libertine.org/tmda-users/2003-03/msg00019.html
    
    That's about 49 too many in the course of a month.
    
    I see that you are personally familiar with recent IETF proposals on
    this front:
    
        http://www.ietf.org/internet-drafts/draft-moore-auto-email-response-02.txt
    
    
    > > I've found that this appears to be a trait lacking among a number of
    > > C-R proponents.
    > 
    > ["You get what you give" -- hostile approach engenders hostile
    > response.]
    
    Not to sound indignant, but I'll share some mail with you.  In
    particular, Alan Connor from the d-u list:
    
        http://lists.debian.org/debian-user/2003/debian-user-200308/msg00445.html
    
    ...though as I said, I won't hold him against the C-R community.  He's
    simply transrational.
    
    
    Also:
    
        Feel free to do whatever you like.  My time is valuable.  If you
        want it, you'll have to pay for it, just like my other customers.
    
        [In response to a request for comments on my criticisms.]
    
        ...
        
    
        Karsten wrote:
        > OK, you've violated the rule of "reply to message from C-R user
        > should not be challenged".
    
        What rule is that? Never heard of it, and I frankly don't care. If you
        don't want to communicate with me, don't answer the challenge...
    
        [Responding to my comment on a challenge sent in response to my own
        response to the party's initial email.  This was through ASK]
    
        ...
    
        
        Karsten wrote:
        > Correspondent wrote:
        > > Your statements about Challenge/Response systems are simply
        > > incorrect.                                                                  
        > Which, specifically?
    
        Most of them. I can't remember the link to the page. 
    
        [Vague, indirect, and too lazy to look up the reference, which was
        in the party's inbox.]
    
    
    
    
    
    > > C-R strikes me as fundamentally wrong.  Misguided, understandable
    > > intentions, but wrong.
   
    > [General disagreement voiced.]
    
    The problem I find is that specific criticisms are offloaded with one of
    three typical responses:
    
      - But my system doesn't do that.
      - I don't understand the problem.
      - If the challenge isn't responded to, the original mail is spam.
    
    For a classic instance:
    
        http://lists.debian.org/debian-user/2003/debian-user-200308/msg00431.html
    
    Again, it comes down largely to issue #3, and side-impacts of other
    issues.  JWZ notes C-R systems "only work if almost nobody is using
    them":
    
        http://lessig.org/cgi-bin/mt/mt-comments.cgi?entry_id=1427
    
    
    
    
    > [TMDA beats anything, deployed correctly.]
    
    At what cost to third parties?
    
    And very simply:  why can't the whitelisting be done by the recipient,
    rather than the sender?
    
    
    
    > > Coming from another perspective: y'all have already intruded on my
    > > inbox with unwanted mail.  Honesty says that turnabout is fair play.
   
    > [People don't view TMDA challenges as spam.]
    
    I certainly do if the challenge is to a mail I never sent.
    
    At present, this set constitutes a _majority_ of C-R challenges I've
    received.
    
    > [TMDA can be used in combined solutions.]
    
    My bug report would require such countermeasures or validations to be in
    place.  That is, all reasonable efforts must be taken to ensure that a
    C-R challenge is not sent to an invalid address.  At this point, one
    might well ask what the value-added of C-R on top of filtering against a
    locally maintained whitelist, virus, and spam filters, would be.
    
    Which returns to the question:  why can't users maintain their own
    whitelists?
    
    > [Use TMDA as a fallback for, e.g.:  Bayesian classifiers.]
    
    Ah:  the "but a well-designed system won't do that then" argument.
    
    
    > [Standards!  We've heard of 'em!]
    
    Consider me a strong dose of the right thing.
    
    > [Give us a chance.]
    
    Again, I don't believe there is a technical fix to the problem at hand.
    But I'd like to be sure of this conviction.
    
    
    You'll see most of these points raised on list shortly, and should have
    an opportunity to respond there.
    
    Peace.
    

On a mistakenly sent LART for mail received via libertine.org, Mon, 16
Feb 2004 16:28:05 -0800:

    Wups.  My bad.

    Manually launched script.

    libertine.org's in my "no reports" list now.


    Peace.


On the blocking of my submissions to any libertine.org address
Date: Sat, 8 May 2004 19:28:19 -0700:

    Jason:

    Anything you'd care to share about my status with the tmda mailing
    lists?

    I haven't received posts for a while, my passwords apparently don't
    work, I didn't receive a monthly subscription update (though you
    apparently haven't configured Mailman to do this), and my requests for a
    password refresh generated no apparent output.

    Could there be something wrong with your mailman configuration?

    Thanks.

    Peace.


> There's nothing wrong with changing the channel when you're sick of the
> same old garbage.  You have a right to speak; you do not have a right to
> be heard.

Sure.  And if someone's going to exercise their right to restrict
communications, I'll share that information as well.
 
> Done with this thread.

Wasn't that what you said two posts back?  Credibility, use it or lose
it.


Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   Rules of Spam:  Rule-keeper Shaffer's Refrain:  Spammers routinely
   prove the Rules of Spam are valid.

Attachment: signature.asc
Description: Digital signature


Reply to: