[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A couple of questions and concerns about Emacs network security

From: Jimmy Yuen Ho Wong
Subject: Re: A couple of questions and concerns about Emacs network security
Date: Sat, 7 Jul 2018 15:32:19 +0100

>> I don't see how this is relevant, since we are talking about just
>> one piece of software: Emacs.  For the purposes of this discussion,
>> whether they use the same browsers or different ones, because we are
>> not discussing those browsers.
> You may not see the relevance, but others do.

The relevance is what browsers do is a very good heuristics for
someone like me who wants a starting point to find out what problems
to look out for. Another piece of information these browsers give me
is being able to predict the future. These browsers hold enormous
power in shaping the internet. Just Google deprecating SHA1 certs
alone is enough to make them drop to exactly 0 within a month[1]. I
don't see any other relevance beyond these two.

I know Perry you probably want to copy what browsers do - basically
removing unsafe ciphers and only offer one security levels, and
perhaps drop support for GnuTLS version other than the most recent
stable version. I can tell you now that in practical terms, they make
very little difference. For Gmail, 85% outbound and 91% inbound emails
are secured with TLS[2]. For HTTP, most of the checks I've implemented
is already supported by a vast majority of servers out there, and
given that the time people spend on the web vs the websites' Alexa
rankings follows the Pareto distribution, most of the time you won't
even get a warning. No warning, no decision to make.

For the 20% of time you are not spending on Alexa top 20k, we can
infer from SSLLabs' SSLPulse data to get a sense of how dangerous they
are. SSLPulse tracks the Alexa top 150K websites, with the exception
of protocol downgrade defense, no other problems that I check for
exceed 5% on this list of servers. 5% of 20% is 1%. If you only
consider cipher suites independently, given that browsers have removed
a shit ton of unsafe cipher suites already, the chance of getting an
unsafe cipher suite from a handshake is very very very small.

The whole reason I'm working on fixing Emacs' network security is I
believe Emacs' esoteric user base is probably extreme outliers, and
Emacs' TLS defence is next to useless. I'm not working on this for
normal people here.

[1]: "Certificate Signature Algorithms" Jan 2017 - Feb 2017.
[2]: https://transparencyreport.google.com/safer-email/overview

reply via email to

[Prev in Thread] Current Thread [Next in Thread]