Bart Schaefer wrote:
On Jan 29, 9:23am, Michael Thomas wrote:
} The question should always be: "does user X want this mail?" rather
} than "this mail is spam/ham in absolute terms". The sooner we get
} beyond the paleospamogist priesthood, the sooner we get on with the
} actual job of building products for its users rather than the various
} other vested interests.
I think the trouble here is that there are actually two different
problems being conflated.
Mike is focused on the problem of making the users happy, which means
both eliminating content they don't want to be bothered with, and *not*
eliminating content they find desirable.
Rich is focused on the problem of network maintenance and security,
which means eliminating unwanted/malicious traffic as early as possible
and with minimal disruption to the important/innocuous traffic.
These two foci are in conflict. For Rich, it's obvious that end users
have limited expertise in distinguishing undesirable traffic; and to
allow the users to express their opinion, he must first allow that
traffic to pass, which is unacceptably dangerous, possibly disruptive,
and violates the "as early as possible" constraint. Only an absolute
classification helps to solve Rich's problem.
no, no, no, you misunderstand me. I'm not saying that prefiltering is
bad. far from it.
this started out with the claim that end users with their TiS buttons
are between useless
and dangerous. Users may not get all bad things (duh), but they also
know a heck of a
lot more about what they don't want than some system-wide classifier
that is BY DESIGN
allergic to false positives.
And I'll take issue with "only absolute classification helps solve
Rich's problem." In fact,
users on a day 0 exploit are your only line of defence so you better
damn well hope that
some percentage of them push the panic button, and you'd be foolish to not
build systems that take those early warnings into account.
The point i'm making is that the user MUST be a part of the larger
problem of managing
their own firehose. The absolutist "spam/ham"-must-be-part-of-priesthood
is but one way
to achieve a level of filtering with relatively few false positives, but
it is not the whole
picture. The whole picture is "don't show me what I don't want to see".
Rich may be overly dismissive of Mike's problem, but to declare concerns
about maintenance and security to be anachronisms not part of the "actual
job" is to repeat the mistakes of the past.
Asrg mailing list
Asrg mailing list