Scientific American sells customers’ addresses!

I dislike paperwork, despise advertising, hate spam, and loathe companies trading addresses without my consent, which is why I’m seriously pissed off after finding a “special” offer piece of snail mail from New Scientist in my mail box this evening.

The address on the spam was wrong, in two ways: It contained the residence name where the street name should be (a mistake I commonly made after moving here), and it was missing the last letter of the residence name. Both of these errors appeared on the letter from New Scientist, and in an email from Scientific American regarding a missing issue. There’s no doubt: Scientific American is selling their customers’ addresses!

I got a subscription which is not yet expired, but I’m not interested in continuing a business relationship with such an immoral company. I’m going to ask them to terminate the subscription and send me a check for the rest of the issues, and then I never want to hear from them again.

Update: Here’s the body of the reply from Scientific American:

We are in receipt of your complaint of July 23, 2007, regarding the sale of your name to New Scientist for promotional mailings. On all of our subscription order forms, we do make mention of the fact that we may share your name with third parties, and offer you the option of “opting-out” and denying that your name be disclosed. According to our records, you did not make that selection when you originally ordered your subscription.

As per your request, we are canceling your subscription and mailing you a refund check for all issues not mailed. Please accept our apologies for the confusion.

I always opt out on these things, but there’s no way to prove that three years after the fact. They don’t say whether the option is on the form, just that it’s mentioned & offered. I’m disappointed that this isn’t more of an issue.

Confessions of an ex(?) newbie

Today Months ago it hit me that I should properly ask forgiveness for my crimes committed against the IT community. I have, in no particular order:

  • Asked for help before searching.
  • Filed bugs with too little information.
  • Been dead sure of the source of the bug and completely wrong.
  • Used
    noob
    text
    “techniques”
    in
    chats
    At least I never used FUCKING COLORED CAPS.
  • Participated in newsgroup flame wars.
  • Used frames on my website. *Shiver*
  • Vented frustration in bug reports.
  • Sent emails without reviewing content and formatting.

Spam punishment calculation

When a spammer is caught and convicted, how should you calculate the punishment? Here are a few factors to take into consideration:

  • These people are doing it for personal gain.
  • They need to know more about IT than the average person. To earn money from it, they probably have to know a lot more.
  • They don’t care who is at the other end: Joe Sixpack, Richard Stallman, Kofi Annan, or a slum charity with dial up and a 386.

These persons are as far as I can tell willfully imposing time and money costs on other people for personal gain, and there is no reason to judge them lightly.

The cost of spam deserves its own list:

  • At the very least, software must be developed continuously to keep up with the spammers’ methods. This takes time and money.
  • False negatives have to be handled by the end user, by “cleaning” the inbox, and reporting the negatives (if possible). This takes time, which often implies money.
  • False positives also have to be handled by the end user, but can have very serious effects if it’s not done often and correctly.
  • The parable of the broken window applies to spam, in that it doesn’t create wealth, but drains it to keep email usable.

So how do we calculate punishment for spammers? Here are my two cents: All that they ever earned by spamming, multiplied by some factor to keep it scary enough financially. On top of that, add jail time according to this simple formula:
Average time (for developers and end users) to handle one spam email times number of emails = Time in jail.

Of course, since spammers send billions of emails, jail time would probably be measured in lifetimes. But consider that we’re wasting the best (or at least most productive) years of our lives handling this garbage, and that the socio-economic impact is comparable to bombing a few towns every few weeks (I’d love to see a complete cost calculation for spam, but it’s probably too international and dispersed to be estimated reliably).

This post was based on the following “axioms”:

  • “Spam” refers to any unsolicited email, useful only to a small minority of recipients.
  • Handling spam, like any other email, takes time.
  • Because of the sheer volume of spam vs. solicited email, it is necessary to keep the filters’ efficiency high, even as spammers are developing new ways to circumvent them.
  • Spamming is not freedom of speech. They wouldn’t be sent if they had a cost comparable to snail mail.

The Bikeshed plugin

Here’s a wish for a plugin to all the worlds’ email writing software: Implement the self-policing functionality outlined by Poul-Henning Kamp in his brilliant A bike shed (any colour will do) on greener grass…. The post is well worth the read, but I’ll summarize the ideas:

  1. Warn the user before sending to huge mailing lists or newsgroups – Every unnecessary word is hours lost cumulatively (is that a word?).
  2. Warn the user before sending to a mailing list or newsgroup where not all messages are read – Someone might already have said the same thing.
  3. Stop the user from replying to a message if the whole message has not yet been shown – You might need to calm down if you’re replying before reading the whole message.
  4. Stop the user from sending a message which has been typed very fast – You might want to review that spelling and wording.

Now, if you’re still reading I presume you’ll humor me while I discuss the individial issues. If not, why are you here? ;)

For the first point, I’d use a local database of addresses which could support wildcards. Should be simple to implement, and might be extended to support central databases of address hashes.

The second one is simple for newsgroups and server-side mailing lists, but should be careful to look in all folders when handling client-side email.

I’m not sure I agree with the third one – When handling several issues in the same email, I often know that I’ll have to reply before reading the rest. But it should be simple to implement, and might fit to your particular way of handling emails.

The last issue is simple enough to implement, but you’ll have to handle stuff like cut’n’paste. And of course, the cps or wpm max should be customizable, preferably by monitoring the typing speed over time.

So when a newbie, cluebie, idiot, moron, troll, jackass, nutcase, fuckwit, asshole, and / or shithead is wasting hundreds of hours of other peoples’ time, you can tell him / her to Bikeshed it!

Email client reviews

Considering the age of email as a technology, and the plethora of clients available, the situation is tragic. Here is a line-up of the clients I’ve used the last few years, and the reason I stopped using each and every one of them. Some simplifications are made, such as in the use of words like “cannot”. Yes, there are often hacks to circumvent the limitations. No, I won’t go into why using a closed source, 4 year old, unmaintained, 3rd party plugin is a bad idea.

Outlook

CERN uses Exchange, so Windows desktops come with Outlook 2003 installed per default. I’m an open source enthusiast, but at first I thought it was a good idea to use what my colleagues used (and continue to use).

Pros:

  • Fast, probably because of close integration with the server
  • Saves message settings (such as flags) on the server, so I can set a TODO for when I get home or reinstall
  • User friendly wizard for filter rules
  • Integrated (CERN only) plugin to report spam and control spam settings
  • Working, simple predefined search folders
  • Good LDAP integration in right click menu

Cons:

  • 32 KB to store filter rules is not enough!
  • Resets the reading pane settings for some folders willy-nilly
  • Cannot bounce messages
  • Not enough configurable (show headers, color encoding of fields / replies, etc.)
  • Cannot export settings to human readable file (I want to keep it in CVS)
  • Flags cannot be assigned names or meanings
  • Flags are not the same as in Thunderbird or Mutt, and are thus only visible in Outlook
  • Closed source
  • Cannot use regular expressions in searches / filters
  • Difficult to copy email addresses
  • Bad thread display support

Verdict:
Works for the most part, but is not “techie” enough. I want the open source geek edition!

Thunderbird

This seems to be the most popular email client for open source enthusiasts. I’ve tried just about every version since 0.8 or 0.9, and the following points are from 1.5.0.4.

Pros:

  • Open source
  • Very configurable
  • Lots of useful extensions
  • Mostly plain text profile – Can be stored in CVS
  • Single click to mark as read / unread / junk / not junk
  • Meaningful labels
  • Supports standard flagging mechanism (same as Mutt)
  • Easy copying of email address
  • Good thread display support

Cons:

  • Bad default training on the spam filter
  • Junk mail filtering can “self-destruct” without telling the user – Empties the training file and never starts learning any more
  • No visual representation of flagging
  • Doesn’t react to changes in flagging by other applications (Mutt)
  • Sometimes crashes or hangs on startup
  • Mail filters often break – Client crashes when they are applied

Verdict:
This is not version 1.5. This is 0.9 alpha.

Mutt

I learned to use this textual email client when working for Orakeltjenesten. I could see why the other techies loved it – Stable and geekily configurable.

Pros:

  • Extremely configurable! Examples:
    • Set Reply-to based on To / Cc
    • Include other config files
    • Redefine key bindings
    • Create new key bindings
    • Wanna backup to backup@gmail.com and purge all non-flagged mail older than two weeks with CTRL-o? Add

      macro index \\Co "<tag-pattern>~r>2w!~F\\n<bounce-message>backup@gmail.com"

      , and just hit d when it’s done.

  • Simple and clutter-less interface – This is the iPod of email clients
  • Human readable configuration and address book files
  • Stable as lead
  • Color coding available for everything
  • Very good thread support
  • send-hook . my_hdr X-message-flag: Outlook is bad for you, use Mutt

    – A classic

  • Open source

Cons:

  • Doesn’t cache emails
  • *nix only – Windows clients are no longer maintained
  • No sophisticated flagging – Only boolean
  • Doesn’t do filtering – Nnnuuuuuuuh!

Verdict:
With filtering and some user friendly front-end, this would be the mail client of the century.

Gmail

Pros:

  • Fast search
  • Only browser needed
  • Settings online
  • Stable
  • Fast
  • Good spam filtering
  • Flexible labels

Cons:

  • Simplistic filtering
  • Closed source
  • Page length limit of 100
  • Max 20 filter rules
  • Cannot backup settings or mail
  • No warranty
  • No extensions

Verdict:
Not enough configurable, and too bad filtering.