From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED!not-for-mail
From: Eli Zaretskii <eliz@gnu.org>
Newsgroups: gmane.emacs.devel
Subject: Re: A couple of questions and concerns about Emacs network security
Date: Sat, 07 Jul 2018 10:02:41 +0300
Message-ID: <83zhz3jzou.fsf@gnu.org>
References: <m236xe5vo2.fsf@mobilecat.lan>
	<eba313cf-104d-50dd-f1cd-4acb15864c0f@cs.ucla.edu>
	<83o9g2uhju.fsf@gnu.org>
	<20180705115826.73c1d95e@jabberwock.cb.piermont.com>
	<E1fbCz5-00088E-Cg@fencepost.gnu.org>
	<CAKDRQS68xcs74s3afKTYgnQQYC1URhK6AAw=zGMSACGJbPU1Fw@mail.gmail.com>
	<83a7r4n5ht.fsf@gnu.org> <87lgaoaf2f.fsf@gmail.com>
	<CAKDRQS4iSG+vO2KXyVVWFCxoFfvNCPUO6ziOGBFGt6Zu=KOsgg@mail.gmail.com>
NNTP-Posting-Host: blaine.gmane.org
X-Trace: blaine.gmane.org 1530946907 19522 195.159.176.226 (7 Jul 2018 07:01:47 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Sat, 7 Jul 2018 07:01:47 +0000 (UTC)
Cc: eggert@cs.ucla.edu, larsi@gnus.org, perry@piermont.com, rms@gnu.org,
	emacs-devel@gnu.org
To: Jimmy Yuen Ho Wong <wyuenho@gmail.com>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sat Jul 07 09:01:42 2018
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by blaine.gmane.org with esmtp (Exim 4.84_2)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1fbhDx-0004wx-Qi
	for ged-emacs-devel@m.gmane.org; Sat, 07 Jul 2018 09:01:41 +0200
Original-Received: from localhost ([::1]:60807 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1fbhG4-0007pX-US
	for ged-emacs-devel@m.gmane.org; Sat, 07 Jul 2018 03:03:52 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:38738)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eliz@gnu.org>) id 1fbhFO-0007oA-0r
	for emacs-devel@gnu.org; Sat, 07 Jul 2018 03:03:13 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eliz@gnu.org>) id 1fbhFK-0000xl-Fj
	for emacs-devel@gnu.org; Sat, 07 Jul 2018 03:03:10 -0400
Original-Received: from fencepost.gnu.org ([2001:4830:134:3::e]:49043)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
	id 1fbhF0-0000pP-Ib; Sat, 07 Jul 2018 03:02:46 -0400
Original-Received: from [176.228.60.248] (port=4185 helo=home-c4e4a596f7)
	by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
	(Exim 4.82) (envelope-from <eliz@gnu.org>)
	id 1fbhEr-00029G-HW; Sat, 07 Jul 2018 03:02:38 -0400
In-reply-to: <CAKDRQS4iSG+vO2KXyVVWFCxoFfvNCPUO6ziOGBFGt6Zu=KOsgg@mail.gmail.com>
	(message from Jimmy Yuen Ho Wong on Fri, 6 Jul 2018 19:06:29 +0100)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel/>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: "Emacs-devel" <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.emacs.devel:227035
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/227035>

> From: Jimmy Yuen Ho Wong <wyuenho@gmail.com>
> Date: Fri, 6 Jul 2018 19:06:29 +0100
> Cc: Eli Zaretskii <eliz@gnu.org>, "Perry E. Metzger" <perry@piermont.com>, Lars Ingebrigtsen <larsi@gnus.org>, 
> 	Paul Eggert <eggert@cs.ucla.edu>, rms@gnu.org
> 
> In security circles these days, there's such a thing known as
> "security fatigue". Overly troublesome security measure that don't
> take human psychology into account will lead to numbness. A side
> effect of that is users will simply start ignoring security warnings
> like they skip reading iTunes's EULA.

Exactly my concerns wrt putting too many checks into 'medium'.

Is there any way to know in advance the percentage of connections (by
protocol, if possible) that will trigger any of those checks?  If so,
we could have some quantitative measure of when the "fatigue" might
strike, and decide accordingly.  Failing that, I guess the only way
would be to let users complain...