From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.devel
Subject: Re: GnuTLS for W32
Date: Fri, 06 Jan 2012 10:26:17 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos
Message-ID: <87r4zczwbq.fsf@lifelogs.com>
References: <CAJU7zaKH0NTE7ko6u24gXy9WupsNw+CAvhMdVudzxpXvsY2vig@mail.gmail.com>
	<87hb0b77nr.fsf@lifelogs.com> <8739bvs27m.fsf@wanadoo.es>
	<87ty4b4329.fsf@lifelogs.com> <m3mxa3p5e7.fsf@stories.gnus.org>
	<87hb0b3yoe.fsf@lifelogs.com>
	<6ED011D5-E185-44C6-BB31-A445A4E5F83A@gmail.com>
	<87wr976otx.fsf@lifelogs.com> <E1Rig0X-0005lQ-Pv@fencepost.gnu.org>
	<87ipkq6yy5.fsf@lifelogs.com> <87boqi6tzz.fsf@linux-hvfx.site>
	<87ehve3ul8.fsf@lifelogs.com>
	<CAAeL0SQuSONPtE45A_vQ=5F4x+J3Shv8AvYOG3woYgqz7_7Q9g@mail.gmail.com>
	<87lipl22xm.fsf@lifelogs.com>
	<CAAeL0SQS8e1zwsj_UUzkbazBHt534e8WVCJ4Row__R4uRn8wXg@mail.gmail.com>
	<87boqh20ha.fsf@lifelogs.com>
	<CAAeL0SSO7JA3QRYYWg6uOUkWsk87BoyZd9JQd4RLjD9yprq=YQ@mail.gmail.com>
	<877h151x01.fsf@lifelogs.com>
	<CAAeL0SQ4CwjfqP6_6e96VMavKZUg74c6FruN=rk=PuZhJfjctQ@mail.gmail.com>
	<87y5tkzzwp.fsf@lifelogs.com>
	<CAAeL0ST76Y75d21LUmagRp3yJHaauLOJeNU9xhTPM_ou7WJfBA@mail.gmail.com>
Reply-To: emacs-devel@gnu.org
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Trace: dough.gmane.org 1325864118 4302 80.91.229.12 (6 Jan 2012 15:35:18 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Fri, 6 Jan 2012 15:35:18 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Jan 06 16:35:14 2012
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([140.186.70.17])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1RjBp2-0001Q5-OI
	for ged-emacs-devel@m.gmane.org; Fri, 06 Jan 2012 16:35:12 +0100
Original-Received: from localhost ([::1]:51320 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1RjBp2-0006QR-1n
	for ged-emacs-devel@m.gmane.org; Fri, 06 Jan 2012 10:35:12 -0500
Original-Received: from eggs.gnu.org ([140.186.70.92]:39394)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1RjBoy-0006OY-D7
	for emacs-devel@gnu.org; Fri, 06 Jan 2012 10:35:09 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1RjBhE-0001iF-OZ
	for emacs-devel@gnu.org; Fri, 06 Jan 2012 10:27:26 -0500
Original-Received: from lo.gmane.org ([80.91.229.12]:57545)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1RjBhE-0001ha-BD
	for emacs-devel@gnu.org; Fri, 06 Jan 2012 10:27:08 -0500
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1RjBhB-000694-PL
	for emacs-devel@gnu.org; Fri, 06 Jan 2012 16:27:05 +0100
Original-Received: from c-76-28-40-19.hsd1.vt.comcast.net ([76.28.40.19])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Fri, 06 Jan 2012 16:27:05 +0100
Original-Received: from tzz by c-76-28-40-19.hsd1.vt.comcast.net with local (Gmexim 0.1
	(Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Fri, 06 Jan 2012 16:27:05 +0100
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: emacs-devel@gnu.org
Original-Lines: 41
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: c-76-28-40-19.hsd1.vt.comcast.net
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
	d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
	D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.90 (gnu/linux)
Cancel-Lock: sha1:9NBigaZqyUqUGahRAh8vih7ytYw=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 80.91.229.12
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:147400
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/147400>

On Fri, 6 Jan 2012 15:35:44 +0100 Juanma Barranquero <lekktu@gmail.com> wrote: 

JB> 2012/1/6 Ted Zlatanov <tzz@lifelogs.com>:

>> I'm not.  The risk is not worth the effort with image libraries.

JB> I don't understand why. Buffer overruns exploited through
JB> carefully-crafted images have been used before. I would fear that (as
JB> a vector for malware) much more than someone eavesdropping my
JB> communications.

I don't think those are as risky, but even if I did it doesn't really
support your point.

>> SSH clients are not extensible layout engines with embedded interpreters
>> and flexible package managers.  As I keep saying, compare Emacs to
>> Firefox and Chrome, not to `vim' or `ssh' and `grep'.  It hasn't been
>> just an editor in a long while.  Eclipse is another good comparison
>> point.

JB> Compare it to Apache, which can be infinitely extended via external
JB> modules and it's mission-critical for so many business.

That's a very tough comparison.  I'm listing "extensible layout engines
with embedded interpreters and flexible package managers" which Apache
has never been, never mind that it's not interactive with the user since
it's a daemon.

>> No, it's not like that at all.  Intrusion detection and security
>> advisories are completely different things.

JB> I thought it was evident I was not comparing situations, but
JB> inadequate feelings of security.

Yes, I understood your point.  While you're right that AV software can
provide a false feeling of security, security advisories do not provide
a feeling of security at all.  They let you know when your security is
at risk.  None of my proposal aims to make users feel secure, but rather
to tell them when they are not.

Ted