It’s that time of year, and Emacs has decreed (based on how many times I played each album) what the best ones are. I’ve played a lot of old, old music this year, so the recent purchases haven’t gotten that much play…
But these are the 15 bestest albums released in 2014.
And these are the 15 bestest albums that I bought in 2014, never mind what year they were released:
I’ve got a lot of thingamabobs that need charging now and then. But rooting out the adapters and finding a vacant wall socket is boring, so I thought I’d make a permanent charging station.
Finding a power strip that you can plug in all those wall warts is a bit of a challenge, because the adapters are often so big that you can’t place two next to each other.
But then I found this wonder:
In addition to having 12 plugs, three each on each side, it also has a convenient on/off button, so that I can switch all the adapters completely off, so they don’t even leech a single mW while not in use.
And it fits nicely into one of these Ikea book cases (with a door to hide the ugly).
That was today’s home decorating tip.
Emacs 25 will have a network security manager. You know — the thing that nags you when you visit https pages with invalid certificates and annoys all y’all so much.
Yay.
Designing a thing like that is a minefield. On one hand, you have professional security professionals who seem to insist that the sky is constantly falling and that the only secure thing one can do is to snip the Ethernet cable, pour concrete over the computer and then bury it in a volcano.
On the other hand, you have, literally, everybody else: People who don’t care about network security at all, and if you so much as ask them a simple question once, they get mad and send you email about how mad this makes them.
So! Into the breach.
The network security manager in Emacs 25 (merged into trunk last week and switched on today) checks certificate validity, STARTTLS downgrade attacks, unencrypted sending of passwords via IMAP, POP3 and SMTP, and does certificate/public key pinning for self-signed certificates.
If you’re paranoid, you can make it do certificate pinning for validated certificates, too, so that you can see when the NSA man-in-the-middles your traffic by getting a Certificate Authority to issue a forged certificate for the domains you are visiting. That’s not on by default, because we are not paranoid.
It allows you to save all these “security exceptions” for the session or permanently. And that’s where the professional security professionals will balk.
The argument is that if we allow the user to accept unverified connections, there is no security, because users always just says “yes” to everything. While that argument may be valid, the other side of the coin is that failing to communicate can also have negative ramifications.
Only the user can really say whether visiting a web site that has a problematic certificate is justified or not. When visiting an email archive to find the answer to a technical question — perhaps it is. When visiting your bank — probably not.
So: I hope that the network security manager we’ve implemented is sufficiently non-intrusive that people won’t feel it necessary to switch it off, and I hope that it’s encompassing enough that it offers some added security against snooping.
If you want to start using it now, pull down the development version of Emacs.
&album=Neognathae+Portentosus)
)
