Remember the Users
RSS imageAbout About Me

The ongoing challenge of using free/libre software.

Managing This Blog — 1

Some relationships are unhealthy. Such relationships should be terminated.

I decided to face a long overdue project. To escape wordpress.com.

I understand the quid pro quo relationship. Free hosting service in exchange for tracking, data mining, and potential loss of privacy. TANSTAAFL. wordpress.com is a freemium service — users are encouraged to move to wordpress.org. wordpress.com also is subject to advertising.

The wordpress.com site does not set well with my personal philosophy. I do not believe in mass surveillance or mass data mining. I dislike advertising.

Some data mining efforts I can live with because I am careful how I share personal information online. A blog is a blog. Writers expect other people to read the content.

That said, I detest JavaScript in just about all forms.

The steaming pile of JavaScript excrement required at wordpress.com drove me bonkers. I grew irritable every time I wanted to post new articles. Just the thought of wanting to post. I detested the wordpress.com experience.

I use NoScript and allow JavaScript for very few sites. Temporarily enabling JavaScript for every single URL used in wordpress.com frustrated me.

Without enabling JavaScript for all of the URLs resulted in various forms of a broken interface.

Don’t forget the obsession with tracking cookies.

Don’t forget the dependencies on various Google services, such as fonts and icons. More tracking.

I started blogging at wordpress.com because I wanted a quick way to start. Being free was alluring despite the compromises. Deep inside I knew better. With respect to the web, anything that is free should be suspect because there is a price. Always.

I help another person with a WordPress site. That provided me some familiarity with the interface before I started the blog. Unknown to me was the differences between the two interfaces. When WordPress is self-hosted a lot of cruft is easily disabled or ignored. When used at wordpress.com, users pretty much pull down their pants and bend over. quid pro quo.

My first discomforting experience was creating an account at wordpress.com. I could do so only with the following web browser options:

* JavaScript fully enabled.

* Cookies enabled.

* dom.storage.enabled=true.

Not a great feeling. I should have stopped right then and there.

After registering:

  • Restoring dom.storage.enabled=false worked fine.
  • Cookies and JavaScript are required although only for the blog URL.
  • Cookies and JavaScript are not required to visit the blog but some functionality is lost.
  • Using session-only cookies worked fine during my admin sessions.
  • Despite allowing only session cookies for the blog url, a cookie is also set for wordpress.com.
  • I am a NoScript user. I added only the specific blog URL to my white list, but additional temporary JavaScript permissions are required for several wordpress sub domains.
  • Without temporarily enabling those sub domains, the visual editor fails to function.
  • Without temporarily enabling those sub domains, basic text pasting fails to function.
  • Without temporarily enabling those sub domains, adding tags fails to function.
  • When I forget to add tags I am rudely nagged.
  • For the first dozen or so posts every time I published a new post I was presented with a silly congratulatory message. Perhaps I was expected to roll over, wet myself, and lick the boots of a master.
  • Privacy is not a priority with wordpress.com — the design expectation with wordpress.com is all bloggers are expected to be a big touchy-feely family where everybody shares everything. Kumbayah.
  • Every time I posted I received an annoying “pingback” email because of the way I internally linked to previous posts. (This nuisance is caused by using the full URL.)
  • There is just too much JavaScript required.
  • I retained some nominal sense of privacy by using a private browsing session to access wordpress.com.

Sure, perhaps the problem is between my ears. So are comfort levels.

The default author of each post is the account login name. Seems like a security issue. By knowing the login name, hackers need only focus on cracking the password. How do hackers know this information? That seems to be the way WordPress is designed. Then again, WordPress is known for being a member of the exploit-of-the-week club.

The default author can be configured to be different. I changed this default information within a couple of hours after creating the site, but seems the Google spiders hit a new wordpress.com site almost immediately. My guess is as soon as the account is created an automated wordpress.com bot notifies the Google spiders to tag the site. I discovered this unwanted problem with a simple Google search, which normally I do not use. I toggled the blog into private mode and selected the option to “discourage” search engines. Eventually the Google result containing the login name disappeared. Thereafter I then again enabled search engine spidering.

Not that any of this actually mattered. Later I discovered the RSS feeds contain the login name. Classic WTF.

None of this monkey business takes place when using WordPress in a self-hosted environment. At least, not on my local test server or with the site I help support.

I dislike the WordPress online editor. I have WordPress installed on a virtual server on my local network and even there the editing experience is frustrating and slow. The laggy response is the same for the site I help support. To preserve my original text and minimize my time with the WordPress editor I write all postings and pages in geany or bluefish and then copy and paste. Of course, pasting only after enabling JavaScript for all subdomains.

JavaScript. The bane of the web.

Blogging at wordpress.com means being connected to many places. While connecting to numerous social media sites increases exposure to posts, I am not obsessed by the idea. I do not care for the cruft associated with attracting readers. People seem obsessed with “likes” and “tweets.” I am not interested in pingbacks and trackbacks. I do not have time for the noise.

I do not participate in any social media. On my LAN I block access to Facebook anyway, as well as third party comment handlers such as Disqus. No really, I do. The owners of those types of services believe the user is the product and that tracking is moral and ethical. I do not believe that, regardless of whatever elegant language they choose to argue otherwise. I realize many people do not care about tracking. I do.

Like many web sites these days, WordPress has built-in dependencies on Google APIs. More tracking.

Much like Microsoft and Windows, I do not trust wordpess.com. When so much effort is required to use a “free” product or service, then the cliche conclusion is obvious — I am the product.

Possibly I could reduce my exposure to the JavaScript excrement interface by emailing posts.

In the end I found wordpress.com usable as long as I ignored much. Eventually I reached a point where I realized I do not have enough feathers on my back for all of this water to roll off. I felt as though I was on the short end of this quid pro quo. I needed to end this relationship.

While running WordPress on a self-hosted server is less frustrating, I wondered about hosting costs with respect to continually running a MySQL process. I got the feeling that costs are higher than serving static pages. Self-hosted WordPress still has dependencies on Google services. Plus the security maintenance of using database backends.

Okay, enough lamenting. What to do?

I am not a card-carrying member of the everything-needs-to-be stored-in-a-database club. I prefer flat files.

More to follow.

Posted: August 13, 2016 Category: Usability Tagged: General, Migrate

Next: Managing This Blog — 2

Previous: Firefox 48 and Unsigned Add-ons

No cookies, no JavaScript, no Flash, no ads, no tracking. Just a blog.

Remember the Users
RSS imageAbout About Me