Emacs Snitch and How to Improve Performance
Is emacs a security nightmare? Emacs is a massive open source project bundled with a huge number of programs, some of which want access to the internet. Couldn't it be loaded with back doors? I bet you've asked that question. And the answer is yes it could, and so could any other program on your computer requesting internet access. As a computer user, assuming you're not a security expert and you don't have one handy, you want to check the integrity of all the programs you install, and at least monitor their internet access with a third-party program. In truth, an emacs package would be an excellent way to gain access to a users computer.
Enter Snitch. The emacs package that at least attempts to act like a firewall.
I'm not fond of Snitch. I find the name a little dark, but not in a good way, more like delinquent and mistrustful. I do however recommend monitoring your emacs packages and setting up some kind of beacon indicating which packages are accessing the internet and when.
I've included a few other snippets of code here, as they are located in this section of the initialization file I'm porting over to Hugo.
(use-package snitch ;:ensure t ;:disabled t :commands snitch-mode :config (setq snitch-network-policy 'allow) (setq snitch-process-policy 'allow) (setq snitch-log-policy '(allowed blocked whitelisted blacklisted)) ;(setq snitch-log-verbose nil) (setq snitch-enable-notifications t) ;(setq snitch-log-buffer-max-lines) ;better identification error causation, worse performance (setq snitch-trace-timers -1) ;(snitch-mode +1) );end snitch
variables to configure - snitch-network-policy - snitch-process-policy - snitch-log-policy/ies - snitch-network-*list - snitch-process-*list - snitch-restart, snitch-mode
go to "snitch firewall log", select entry - snitch-filter-from-log to add/remove rules interactively
A Few Performance Improvements
;colors (setq ns-use-srgb-colorspace nil) ;; Don't lock files. (setq create-lockfiles nil) ;avoid emacs stall on long files (global-so-long-mode 1) (setq redisplay-dont-pause t) (setq jit-lock-defer-time 0)
(use-package password-generator ;:ensure t :commands( password-generator-simple password-generator-strong password-generator-paranoid password-generator-phonetic password-generator-numeric ;password-generator-custom ;(setq password-generator-custom-length 12) ;(setq password-generator-custom-alphabet 'lithuanian') ) );end password generator