Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment: Re:If it's accessing your X server, it's elevated (Score 1) 321

by serviscope_minor (#48930363) Attached to: Why Screen Lockers On X11 Cannot Be Secure

First bear in mind the attacker has local code execution. If they can put up a fake screengrabber, it's just a logout/reboot away from running a trojaned compositor (if you use Wayland), a trojaned screenlocker (if you use X) and on either system without even a reboot, a trojaned browser, terminal, ssh program and so on and so forth. So to say this is a serious flaw with X is hyperbole.

The next case is that you also claim Wayland is secure. Therefore X11 running on Wayland is secure. Therefore in that case X11 is being run in a secure manner. I claim that if that is the case, then X11 could very easily be secured, because it's eassy to see it in operation nowrunning in a way that the additional insecuritu doesn't break things.

I'm not really sure how creating yet another way for a "designated program" to monitor input events is supposed to address the problem that any X11 client can monitor keyboard events on any window in the absence of a grab, unless you intend to rewrite all existing software to grab the keyboard on receiving input focus, and force all the desktop environments to implement support for the extension and move their global keybindings into a specially designated client. At that point you might was well switch to a system designed for secure I/O from day oneâ"like Wayland.

OK, I'm lightly lost so I'm going to swing back to the original point.

First there's the one about server grabs which prevent other windows from opening. Well, you could easily have a protocol extension that allows only one connected client to bring up windows anyway. The continuation of the grab could either be faked to the grabber, or killed outright (the latter feature---killing grabs---was removed from Xorg by the wayland people because they decided we didn't need it!). Let's say it's first come, first serve, so that the first client to request this feature is the only one to get it. Or the screenlocker could get that command. This requires the WM and screenlocker to be run on boot before a trojan, but as I pointed out, if the system is that deeply trojanned anyway, then this is all pointless.

That requires some rewriting to whichever screenlockers you want to add the feature to, hardly a major undertaking since there's about 3 in common use and a few, more obscure, ones.

The other problem---a designated screen lock key combo. Well, if the screen locker has a passive grab on ctrl-alt-delete, then the fake screenlocker can't grab that, so that already works.


It's easy to implement the insecure X11 model on top of a secure system. The reverse is much more difficult.

Why? Why not have exactly the same security model? You haven't explained, only asserted, that your chosen security feature couldn't be easily available under X.

In fact when it comes to locking things down, there are things like the X security protocol, which blocks untrusted programs from executing various protocol commands. This already exists and could (I haven't checked if it does) easily block things like receiving events from a window on another connection, reparenting or redirecting a window on another connection, diddling with the global keymap and so on.

Anyway if there's unsanboxed local code execution, you're basically screwed on any system.

Comment: Re:Screen locker == physical access == ... (Score 1) 321

by serviscope_minor (#48930269) Attached to: Why Screen Lockers On X11 Cannot Be Secure

You're not going to get any of my data that way, which is what is actually important.

I'm not sure I follow. Surely if I had unlocked access to your phone, I could simply read whatever data was on there? Also, can you install free apps without an additional password? If so what stops me installing a keyboard app trojan?

Honest question: I don't own an iPhone. If it stops those kind of attacks it would be great to know how.

Comment: Re:If it's accessing your X server, it's elevated (Score 1) 321

by serviscope_minor (#48928481) Attached to: Why Screen Lockers On X11 Cannot Be Secure

What exactly would you propose to add? This isn't a matter of implementing new functionality, but rather removing fundamental misfeatures. Any change to address this issue is going to end up breaking existing applications which depend on the original input behavior.

Oh how about a new protocol extension that allows one designated program to receive all keyboard inputs regardless of any other grabs. The X11 server can keep on pretending that the other grabbers still have such a grab.

Look: X11 works on Windows even though windows can apparently REALLY gab the keyboard. X11 will we are told work on Wayland too despite the fact that wayland can apparently REALLY grab they keyboard. Do you really think it couldn't be extended to do that itself?

Comment: Re:First they came for... (Score 0) 215

by circletimessquare (#48927655) Attached to: Facebook Censoring Images of the Prophet Muhammad In Turkey

what have you "won" exactly?

You "win" Turkish citizens annoyed with their government -- a win in the only venue likely to be able to create change there.

i stopped reading there

how did that work with cuba? iran? north korea? china?

what you're asking for is massacred citizens

iran for example

http://en.wikipedia.org/wiki/2...

no matter how many intelligent, forward thinking students you have agitating in the cities, the government just calls up busloads of basiji thugs from the countryside and cracks skulls until change seekers shut up in fear. or worse:

http://en.wikipedia.org/wiki/D...

slow stead engagement is what really works

reactionary inflexibility simply means no change at all

welcome to reality

this is you:

http://www.politico.com/story/...

pragmatism, flexibility, realism, compromise always wins

inflexible ideological dogmatism is how you lose and are ignored

Comment: Re:Eisenhower said it (Score 1) 201

by circletimessquare (#48927567) Attached to: Ask Slashdot: What Makes a Great Software Developer?

well yeah, by definition a rock star is very rare

so if you want a rockstar working for you, you better be ready to shell out big money or provide truly extraordinary perks

you can't just expect or demand rock star status from average or even above average programmers. you can't mold people's personalities like their technical proficiency. i suppose there does exist stress mitigating strategies someone can consciously adapt. but from the rock star i met, it is a sort of chilly immunity to even the concept of stress that is quite awesome to behold

that's why i quoted eisenhower

because when i met such a person, i immediately thought of someone functioning under the stresses of extreme combat. i thought of this person on the eastern front in wwii. what it would take to survive *real* stress, because stress in programming, while real, taken in perspective to something like fields of combat, is a joke

i always wondered if this person had indeed been in such an extreme stressful environment, like war. a sort of "once i've seen that, none of this shit impresses me." because indeed, nothing seemed to impress him. you could scream in his face and he would react the same as if you were casually discussing gardening. nothing phased the dude

Comment: Re:Eisenhower said it (Score 1) 201

by circletimessquare (#48927469) Attached to: Ask Slashdot: What Makes a Great Software Developer?

I haven't met or heard of anybody who is a "rock star" by your criterion. The closest I met was a person of very resilient personality, capable of working hard and steady through great stress, and who had an average level of talent. Not a bad person to have as part of a team, but in no way a rock star.

i have met a person with that stress proof personality, and above average talent. they exist. those are the rockstars

Comment: Re:First they came for... (Score 0) 215

by circletimessquare (#48927399) Attached to: Facebook Censoring Images of the Prophet Muhammad In Turkey

ok, let's say you prevail. zuckerberg gives turkey the middle finger and doesn't censor images

ok, now facebook is kicked out turkey

what have you "won" exactly?

how has turkey changed in any way? you've given the authoritarians a win: they've successfully excised the evil western cancer of facebook from glorious turkey

and how will turkey change in the future?

so you're for not opening diplomatic relations with cuba? we should just never ever ever reconcile or talk with cuba? how has that strategy paid off to change cuba?

we don't talk to iran? what is iran's attitude going to be then?

you are a dogmatic rigid ideologue

you are exactly the same as what you don't like in turkey

and the fruits of your ignorant stubbornness is you HELP the people you don't like

pragmatism always wins

Comment: Re:physical access (Score 1) 321

by serviscope_minor (#48926013) Attached to: Why Screen Lockers On X11 Cannot Be Secure

Which could be a good argument for replacing X. It is rather old technology, perhaps it is time to update it to something newer, rather than clinging to it and claiming it is all one needs.

Or how about adding a protocol extension to deal with this security problem as has been done a number of times in the past for authentication. I don't understand why X11 seems to get special treatment here.

Program has security flaw. Response "has it been patched yet"

X11 has security flaw: we can't possibly patch it we must discard everything and start again.

There's certainly some things wrong with X11, but this is one which could be solved easily. It could, for example, be done by having a "kill all grabs" command which is available to the window manager.

Comment: Uh. (Score 1) 321

by serviscope_minor (#48925945) Attached to: Why Screen Lockers On X11 Cannot Be Secure

Uh.

Why can't I have my screen locker have a passive grab on Ctrl+Alt+Delete or shift+altgr+control+` or whatever, using XGrabKey. That way if someone else installs a screenlock faker then I'll know because it won't respond to the magic key presses.

The thing is on Windows it never worked as well as it ought to. The reason is that if the screen said something like:

"pls entar u r passwordz to login"
[ password box ]
[OK]

"pls wate wile redirecting to http://scamsite.ru/yourbank"

"Pls entar u r bank passwrd thx"

an appalingly large number of people would have dilligently followed those steps. the ctrl+alt+delete thing was fine but required more knowledge than 99.9% of users had.

Oh and the active grab thing: if you ever hear a wayland dev tout that as a problem, please kick them in the nuts because it XFree86 USED to have a feature for killing grabs from a keystroke, until the fuckers who went on to develop Wayland decided we didn't really need it because "it would only be needed if a program is buggy". Well, no fucking shit hotshot.

Do not use the blue keys on this terminal.

Working...