Re: Authorized clients

On 10/01/14 04:32, Jasper St. Pierre wrote: > Here, run this program. You can audit it, it won't steal your > credentials, but it doesn't take a screenshot of the desktop, and is > fairly convincing. It would probably even fool me. It's X11, simply > because that's easier than writing a raw Wayland

Re: Authorized clients

On Thu, Jan 9, 2014 at 7:05 PM, Martin Peres wrote: > On 09/01/2014 23:57, Maarten Baert wrote: > >> >> On 09/01/14 21:54, Martin Peres wrote: >> >>> The worse thing that can happen is an application running with the >>> user's uid grabbing and sending periodical screenshots to a distant server >

Re: Authorized clients

On 10/01/14 01:05, Martin Peres wrote: >> Let me help: >> - The attacker has installed a Firefox plugin that sends him a copy >> of all forms that you fill out. >> - The attacker has messed with your PATH and has installed an >> infected Firefox binary in a folder you own, and you're running that >

Re: Authorized clients

Am 2014-01-10 01:05, schrieb Martin Peres: Hey, don't twist his question and my answer ;) The question was IF our protocol is wrong. Remember, we aren't addressing the security of desktop here. We are looking for a way to provide a service (screenshots) and trying to find a way to make it as diff

Re: Authorized clients

On 09/01/2014 23:33, Maarten Baert wrote: On 09/01/14 20:25, Bill Spitzak wrote: Screenshot applications I have seen are triggered by a key, yes, but all of them then show the initial screenshot to the user and then allow the user to change parameters and make a second screenshot. I suppose re

Re: Authorized clients

On 09/01/2014 22:16, Jasper St. Pierre wrote: On Thu, Jan 9, 2014 at 3:54 PM, Martin Peres > wrote: Le 09/01/2014 20:36, Jasper St. Pierre a écrit : Security is based on trust. If you trust nothing, the computer won't do very much for you. You ca

Re: Authorized clients

On 09/01/2014 23:57, Maarten Baert wrote: On 09/01/14 21:54, Martin Peres wrote: The worse thing that can happen is an application running with the user's uid grabbing and sending periodical screenshots to a distant server running OCR and waiting for you to enter your bank details on amazon.c

Re: Authorized clients

On 09/01/14 21:54, Martin Peres wrote: > The worse thing that can happen is an application running with the > user's uid grabbing and sending periodical screenshots to a distant > server running OCR and waiting for you to enter your bank details on > amazon.com. As for how this application got ins

Re: Authorized clients

On 09/01/14 20:25, Bill Spitzak wrote: > Screenshot applications I have seen are triggered by a key, yes, but > all of them then show the initial screenshot to the user and then > allow the user to change parameters and make a second screenshot. I > suppose restricting the ui so that the user must

Re: Screen shooting and recording protocols (Re: Authorized clients)

On 09/01/14 20:14, Bill Spitzak wrote: > My quick impression is that a framerate hint is not needed. Instead > they are throttled by the client not releasing the buffers. I tried that the first time I implemented OpenGL recording (using a 5-frame ring buffer). It worked, kind of, but the frame rate

Re: Authorized clients

On Thu, Jan 9, 2014 at 3:54 PM, Martin Peres wrote: > Le 09/01/2014 20:36, Jasper St. Pierre a écrit : > > Security is based on trust. If you trust nothing, the computer won't do >> very much for you. You can't even trust it to compute correctly. >> > > Security is based on access control. Every

Re: Screen shooting and recording protocols (Re: Authorized clients)

Le 09/01/2014 21:47, Maarten Baert a écrit : On 09/01/14 10:00, Pekka Paalanen wrote: Those are some reasons why screen recording (video) is easier to do as a compositor plugin, like it is currently in Weston. A separate client would need a non-trivial amount of new Wayland protocol to work well

Re: Authorized clients

Le 09/01/2014 20:36, Jasper St. Pierre a écrit : Security is based on trust. If you trust nothing, the computer won't do very much for you. You can't even trust it to compute correctly. Security is based on access control. Every program that exposes a service should think about how can it be a

Re: Screen shooting and recording protocols (Re: Authorized clients)

On 09/01/14 10:00, Pekka Paalanen wrote: > There are differences in the implementation details of shooting (stills) > vs. recording (videos). > > Weston supports (though disabled atm, AFAIK) hw overlays in addition to > the GL renderer. To make a screenshot, the overlays are temporarily > disabled

Re: Screen shooting and recording protocols (Re: Authorized clients)

Le 09/01/2014 20:14, Bill Spitzak a écrit : Pekka Paalanen wrote: Right... so that'd be a framerate hint, which the compositor only uses if it needs to do a significant amount of work for each sent frame. We probably want to keep most of the rate control still in the encoding program, so it can

Re: Authorized clients

Le 09/01/2014 20:25, Bill Spitzak a écrit : Martin Peres wrote: We don't need to trust the client much if we limit the number of screenshots to 1. This way, the worse thing that could happen for your privacy would be if your cat sits on the keyboard and presses "print screen" all the time whi

Re: [PATCH] shell: run surface bindings only when focus surface is not NULL

Rafal Mielniczuk wrote: This fixes the crash when move, rotate or resize binding is activated while exposay effect is active. + if (seat->pointer->focus == NULL) + return; + + focus = seat->pointer->focus->surface; + surface = weston_surface_get_main_surface(f

Re: Authorized clients

Security is based on trust. If you trust nothing, the computer won't do very much for you. You can't even trust it to compute correctly. What's the threat model here? Let's say that we design a screenshot API, and in your opinion it's the worst thing ever. Who's attacking? How are they attacking?

Re: Authorized clients

Martin Peres wrote: We don't need to trust the client much if we limit the number of screenshots to 1. This way, the worse thing that could happen for your privacy would be if your cat sits on the keyboard and presses "print screen" all the time while you key in sensitive information (unlikely

Re: Screen shooting and recording protocols (Re: Authorized clients)

Pekka Paalanen wrote: Right... so that'd be a framerate hint, which the compositor only uses if it needs to do a significant amount of work for each sent frame. We probably want to keep most of the rate control still in the encoding program, so it can pick the best frames to drop or duplicate.

[PATCH] Add a FreeRds backend, take 5

FreeRDS is a FreeRDP based RDP server, the server handles incoming connections and talks RDP with the peers. FreeRds cooperates with an "out-service": the out-service creates the content to display, and FreeRds will take care of encoding the content in the appropriate format (bitmapUpdate, remot

Re: Screen shooting and recording protocols (Re: Authorized clients)

On Thu, 09 Jan 2014 15:15:48 +0100 Martin Peres wrote: > Le 09/01/2014 14:41, Pekka Paalanen a écrit : > > On Thu, 09 Jan 2014 13:05:28 +0100 > > Martin Peres wrote: > > > >> There is a way to limit the memory consumption of apps that don't > >> consume buffers. We could have a small ring buffer

Re: Screen shooting and recording protocols (Re: Authorized clients)

Le 09/01/2014 14:41, Pekka Paalanen a écrit : On Thu, 09 Jan 2014 13:05:28 +0100 Martin Peres wrote: There is a way to limit the memory consumption of apps that don't consume buffers. We could have a small ring buffer of wl_buffer or dma-buf (if we want 0 copy) on the compositor side. When the

Re: Screen shooting and recording protocols (Re: Authorized clients)

On Thu, 09 Jan 2014 13:05:28 +0100 Martin Peres wrote: > Le 09/01/2014 10:00, Pekka Paalanen a écrit : > > Hi, > > > > what I'm replying to has nothing to do with security anymore, so I > > changed the topic. > > > > The security issue is what and when can use a specific protocol > > interface, t

Re: Screen shooting and recording protocols (Re: Authorized clients)

Le 09/01/2014 10:00, Pekka Paalanen a écrit : Hi, what I'm replying to has nothing to do with security anymore, so I changed the topic. The security issue is what and when can use a specific protocol interface, the below is about how to use the interfaces once you already have access This is i

Re: Authorized clients

Le 08/01/2014 21:20, Sebastian Wick a écrit : Am 2014-01-08 19:53, schrieb Martin Peres: Le 08/01/2014 17:20, Sebastian Wick a écrit : Am 2014-01-07 15:07, schrieb Martin Peres: Those are extremely rare cases. Users wanting to do that should agree they give up confidentiality and should thus b

[PATCH] alt-tab: highlight the currently selected view

From: Emilio Pozuelo Monfort --- desktop-shell/shell.c | 11 +++ 1 file changed, 11 insertions(+) diff --git a/desktop-shell/shell.c b/desktop-shell/shell.c index 13a42e1..3cb82a1 100644 --- a/desktop-shell/shell.c +++ b/desktop-shell/shell.c @@ -3987,12 +3987,23 @@ struct alt_tab_previ

Screen shooting and recording protocols (Re: Authorized clients)

Hi, what I'm replying to has nothing to do with security anymore, so I changed the topic. The security issue is what and when can use a specific protocol interface, the below is about how to use the interfaces once you already have access. On Wed, 8 Jan 2014 23:30:29 +0100 Maarten Baert wrote: