<<< Date Index >>>     <<< Thread Index >>>

Re: [PATCH] Remove absolute paths from gpg.rc



On Thu, Mar 22, 2007 at 06:21:18PM -0400, Derek Martin wrote:
> On Thu, Mar 22, 2007 at 04:34:44PM +0000, Dave wrote:

> > > And what if users have different wishes?
> > 
> > I've already explained several times that the user doesn't own the
> > system.  The physical user is governed by the owner of the system.
> > Therefore, the user's wishes must be compatible with the owner's
> > wishes.  (If the owner is a dope, he'll lose users.)
> 
> ...and users never do things they're not supposed to, and always
> follow all the rules, and all of the world's jails are completely
> empty, because everyone does what they're supposed to do all the time.

You're getting off-topic.  None of what you just said has anything to do with
the discussion at hand, AFAICT.  If a physical user of a system violates his
agreement/TOU with the system owner, the system owner can simply kick him off,
or suspend his account (jail time?).

> You are living in Fantasyland.  

Not really ... UNIX was designed from the ground up for the real world.  It's
based on the UNIX philosophy, which is an optimal method for dealing with the
real world.  (In fact, it's the only optimal method known.)

> Your idealisms about the Unix Philosophy and about security simply
> don't work in the real world, where typical users are not programmers,

Typical people program all the time.  When you tell somebody how to do something
for you, that's programming.  It's totally ridiculous to paint computer users
(already a step up from typical people) as these dopes who can't give anybody
directions.  Some people are better than others at the science of explaining
things (i.e., the science of breaking difficult-seeming concepts into simple
components in a clean, simple, orthogonal way), but evolution is an amazing
thing, and animals that are far stupider than humans know how to teach each
other things.

> and don't want to spend any more time than they absolutely have to
> learning how to use and configure computer software.

That's why they want clear, simple programs, that do clear, simple actions,
without a long config file that by default makes decisions for them in a
half-assed way.  Gee, that's the UNIX philosophy, isn't it?

> Computers are a
> tool, and it should be simple and obvious how to use them, for the
> average computer user.

When you have a program that concatenates files to the screen, it's dead simple
using it: cat file1 file2 file3.

> This means big, bloated software, that does
> all the thinking for the user,

You're asking the programmers to do more than one task.  Just like the programs
themselves, a programmer who's a jack of all trades is guaranteed to be a master
of none.  That's why Windows programs constantly crash, for example.  It's also
why they constantly need new versions to address new problems.

The Windows philosophy is a very interesting one: Open as many cans of worms as
you can find, and then complain that the real world isn't perfect.

Check this out:
$ cat --version
cat (coreutils) 5.2.1
Written by Torbjorn Granlund and Richard M. Stallman.

Copyright (C) 2004 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Hey, this is a three-year-old program that still does its job right today.  Can
you imagine how much programmer work hours were saved by the decision to make
cat(1) do one thing and do it right the first time?

> because small, facile tools take too
> much effort for the average computer user to learn how to use them.

There's no point in asking the obvious: How long does it take to learn how to
use cat(1)?  Instead, let's take one of the most complex UNIX programs on the
planet: How much effort does it take your average computer user to learn VI?
Experimentally, I found that a typical motivated user (i.e., a first-year or
second-year Computer Science major) becomes as efficient as he was in Notepad
within 2 30-minute sessions.  Within only a week (4 30-minute sessions), a user
is typically able to beat the pants off the students in the other class (the
control group, using MS VC++) in virtually any text editing task.

Now, obviously, your average user isn't a motivated one, and doesn't necessarily
have a brain as good as a CompSci student (since to you, the programmer seems to
be an all-powerful genius).  For those types of users, you have EMACS, or if
that's too much as well, PICO.

The problem with your proposal is that a text editor becomes a component, not a
program.  As such, it becomes a wheel that needs reinventing (in a half-assed,
incompatible way) in every email program, every chat program, every development
environment, and every image editor.

> What you don't get is, THIS IS WHAT MOST PEOPLE WANT!

Why would anybody want THAT???

> And the LAST
> thing any normal computer user wants to think about is keeping their
> system secure.

Not that much goes into keeping a simple system secure.  If you don't run any
network services (as is the case of a "typical user"), simply working under a
user account yields more than enough security for a typical user.

> In their view, that is the programmers' and OS
> designers' job, not theirs.

The programmers have a responsibility (included in their job of making programs
that do one thing and do it right) not to introduce security holes (since
allowing long input to overwrite unrelated program variables, for example, isn't
doing the job right - or at all, for that matter ... if the input is too long
for the program to handle, it should give a proper error message and quit).

An OS designer has a responsibility to produce a secure design (included in his
job of designing a system that'll do exactly what the user wants, nothing more,
and nothing less).  The UNIX designers did their homework very well.  The Plan9
designers had the benefit of hindsight, in addition to the benefits of homework.
Both can be made very secure rather easily, for a client system.

> Until you can get a hold of this idea, and it sinks through into the
> parts of your mind that are capable of processing thought logically,
> nothing you have to say on this topic has any practical value
> whatsoever.

It's a wrong idea.  Letting a wrong idea sink into the parts of my mind that are
capable of processing thought logically isn't going to improve the practical
value of anything I say.  If anything, it'll only make me more likely to spew
illogical junk.

> Your philosophy is solely based on an extremely narrow
> view of computer users, which most people just simply don't fit into.

How is it narrow?  It's focused (as indeed, doing one thing (designing a program
right) and doing it right requires focus), but I don't think it's narrow.

> Mutt, and indeed very few programs, should target only that segment of
> computer users as its audience.  In the majority of cases, there are
> not enough of those users to make it worth the effort of developing
> tools that way.

I'd suggest you take your argument up with Michael Elkins.  Mutt is supposed to
suck less than Outlook.

> Even for users who LIKE this kind of environment, it's not right all
> the time.

Personal preference isn't always right.  Just because I like Pizza doesn't make
it right for me.  Simple tools are _always_ the right approach.  That's why
screws and nails are so useful, for example.  There are many "canned" approaches
to building a house, but none stand the test of time (for example, repairing a
structural defect 5 years later, after the manufacturer has gone out of
business) better than the simple tool approach.  You might like that cool new
kit home with ultra cool fasteners to connect the parts, but that doesn't make
it right.

> I myself am a die-hard fan of system administration via
> command line.

I'm a will-die-eventually fan of system use via command line.  I like to tell
the computer what I want, and to let it do its job or tell me why it can't.

> But when it comes to image processing, which I do a lot
> of, I don't want to do this via a couple of dozen command-line
> utilities;  I want GIMP.

That's your own choice.  I like to do image processing via ImageMagik.  (I
assume you meant graphics editing?  I like to do graphics editing using VI.  By
reducing the problem of image editing to the problem of text editing, I'm able
to leverage already existing tools that do their job right, rather than having
to create new tools.  If I'm curious how something looks, I can always look at
it in a separate VT without having to suspend VI.  If you actually meant image
editing, I don't do any of that.  I like my photos just the way they left my
camera.  However, if you want to remove red eye or something, it shouldn't be
hard to build a small program that'll take an image with red eye on stdin and
spit it out without red eye on stdout.  I just don't have any need for such a
program.)

> I want something that shows me in real time
> what I'm doing to my image, and allows me to do many different kinds
> of operations on the image without having to load the image into
> memory every damn time I want to change something, and undo what I
> just did if I don't like it.

I'd suggest you take a look at the SVG format.

> That model is totally stupid for the
> vast majority of image processing tasks.

Again, image processing is done by commands.  When you tell GIMP or Photoshop to
apply a certain effect on part of an image using your mouse, you're basically
giving GIMP or Photoshop imprecise commands (since it's difficult to hit the
exact right pixel with a mouse on the first try), and then using dialog boxes to
correct yourself.  With VI, I'm able to give precise commands to the SVG
interpreter (in most cases, svg2png) the first time, using a simple tool that I
already know how to use efficiently.  Why would I want to fire up ratpoison just
to do something in an inefficient way???

> Not only that, but it is
> impossible in most computing environments, unless you explicitly save
> backups of every version of your file.  And that makes it utterly
> impractical; doing so, and managing the versions, is tedious and
> time-consuming in the extreme.  People have much better ways to spend
> their time.

...like spending a half hour of their time installing a versioning file system,
and another half hour (not necessarily at the same time) learning how to recover
an old version of a file

This isn't exactly rocket science, you know.

> Yeah yeah versioning file system blah blah blah.  Not everyone has
> access to one,

There are a whole bunch of GPL ones online.  Anybody with Internet access has
access to one, and anybody who's running a GNU/Linux-based OS satisfies the
prereqs for most GPL ones out there.  For Bill's prisoners, there are even
WebDAV-based ones.

> or even knows what it is.

Education is a prerequisite for doing anything right.  I think it's downright
stupid to deny the possible existance of an efficient tool just because you
don't know what it is.  Search for "undo file modification" (the original
problem, in this case) on any sane search engine, and you'll probably find half
a zillion references to version control systems.  Now, all you're missing is
automated checkin and checkout.  Search for that, and you'll find references to
filesystems using a VCS as their back-end.  (Please note, none of these
statements have been tested on a real search engine.  Since they tend to try
outsmarting their users, these days, too, I can't guarantee that Google will do
the right thing.  It's quite likely that it will, though.)

> In fact, practically no one
> does.  It's not a viable solution for the vast majority of computer
> users.

Why can't the distro vendors do the setup, if their users are so stupid?
You can provide stupid defaults for half a zillion different programs.
Why can't you provide a smart default for the /home FS???  Anybody smart
enough to use Mutt in the first place probably knows a thing or two about
version control (or is willing to learn).  If your OS versioned files in
your home directory right out of the box, it'd be trivial for you to undo
errors even without really understanding what a versioning file system is.

> The Unix Philosophy is not the only game in town, and it is
> absolutely, positively, unequivocally NOT always the Right Thing.
> If you think it is, you're unbelievably narrow minded, and probably
> nuts.

I may be nuts, but that doesn't change the fact that the UNIX philosophy _is_
the only game in town, if you're interested in actually getting work done.  If
not, you can always jump ship to Bill's camp.

> > > And what about binary distributions?
> > 
> > By GPL, they must include source.
> 
> Lots of software isn't GPL -- real software that real users want to
> use.

We were discussing binary distributions of Mutt.  To answer your question,
though, I think the FSF philosophy is best: if a usable (i.e., free) program
doesn't exist that'll do the right thing, it's your right to make it exist.

 - Dave