When X11 came to my attention, in the 1980's, it was called X11. "What," I
wondered back then, "could that mean?"
Back then, we would get to know new software long before version 11, so it
seemed an odd name. Back then.
It's been X11 for millennia. I discovered Exfiltrator (or Exfiltration,
'ex'+10) about a year ago. LOL.
I actually did not know about the vulnerability. Thanks, Matthew.
And yes, I was voicing the untested theory of precisely what you
articulated, Luke.
I live in post-2016 USA and have essentially given up hope of any sort of
computer security.
The mantra I developed, as my coworkers insisted on using (for instance)
the React JS package
that had "Exfil" as a dependency, was:
"When in Rome."
On Fri, Mar 29, 2024 at 4:44 PM <[email protected]> wrote:
> Luke A. Call writes:
> >
> > On 2024-03-29 09:01:07-0400, James Huddle <[email protected]>
> wrote:
> > > Exfiltrator. There's an 11-letter word that starts with "ex". X11.
> >
> > After a quick web search, I'm not sure I follow. Is that a reference to
> > a program that exfiltrates data after a computer is compromised? Can you
> > elaborate a little? I realize this is an ignorant question.
>
> In short, there is a well known shortcoming or feature depending
> on who you ask inherent in the X protocol's design where any
> application which uses the X server (ie. can access the tcp port
> or unix socket and has the correct xauth key, which is to say all
> of them) can request (and get) the ability to read all of the X
> events, which includes every key press and mouse movement in every
> application.
>
> Exfiltrator is 11 letters and we are at X protocol version 11.
>
> There are common mitigations against this problem, such as not
> giving strangers the ability to run unknown programs on your console.
>
> Matthew
>
>
