undefined | Better HN

0 pointsWD-421y ago0 comments

Hackable is right. But not always in the positive sense of the word.

0 comments

11 comments · 3 top-level

l721y ago· 5 in thread

I find it very interesting how much our threat model has changed in the last 10-15 years. We no longer trust even local software, as we have to assume everything is now malicious. Commercial software from "reputable" companies can't be trusted to not pull a ton of analytics and personal data off your computer. We now have to worry about every piece of software being a keylogger and spying on other windows/applications and reporting back.

We've had to give up so much flexibility. Wayland certainly focuses on plugging this hole, but it means we've lost all these cool utilities like this one. There was just so much you could do with devilspie, xdotool, and others to make sure my operating system and window environment worked for me.

I still really miss X11's Zaphod mode, where you had two independent X sessions (:0.0 and :0.1) on two different monitors, with different window managers and different windowing rules.

I miss the days of being able to trust my computer and trust my software.

singpolyma31y ago

If you can't trust your locally installed software, everything is lost. I understand where this new threat model comes from for some people but I'd rather continue to avoid bad software sources than hamstring my OS in the hopes of avoiding malware I installed on purpose.

l721y ago

I agree. But can you trust Zoom? What about Office or Photoshop? Can you trust Websites or your browser anymore? Even open source apps have analytics in them that may not be trustworthy anymore (firefox, audacity, ...).

3 more replies

marcosdumay1y ago

> If you can't trust your locally installed software, everything is lost.

That's only true if you decide to trust it.

You can deal perfectly well with software you distrust, and not have it harm your system.

1 more reply

BlueTemplar1y ago

> Commercial software from "reputable" companies can't be trusted to not pull a ton of analytics and personal data off your computer.

Thankfully, for a lot of software, there is no reason to ever give them network access in the first place.

account421y ago

What is interesting is that physical home security has gone in the opposite direction - people are happy to put dozens of devices in they home which can (and some definitely do) stream everything they hear and see to the cloud.

ajross1y ago· 3 in thread

FWIW, the threat model you're imagining is an attacker being able to run code to display directly to the desktop using the lowest level native API. A local[1] code exploit at the level of an interactive user is already a huge failure in the modern world.

Is that a reasonable argument against using X11? Sure, for some use cases. Is it a good argument for wayland/windows/OSX/whatever to do your tiling WM experimentation? Not really, those environments kinda suck for playing around with.

[1] Or "local-ish", your system or a trusted remote has to have been compromised already. Untrusted X11 protocol still exists but is deliberately disabled (and often blocked) everywhere. Even ssh won't forward it anymore unless you dig out the option and turn it on manually.

boudin1y ago

Isn't any app that can access read the x11 socket able to read any input? It's not just running an explicitly malicious app but also the risk of compromising an app which can read the x11 socket (e.g. Firefox)

p_l1y ago

It's also why there existed more advanced security extensions for X11 (like security labels for windows), but also why even bare-bones X11 had methods to ensure that only one specific application was getting input, specifically to handle secure input like with passwords.

ajross1y ago

Yes, exactly. I'm just saying that the response to a remote browser exploit in firefox is more likely to be "YIKES ZERO DAY IN FIREFOX!!!!!" and not "well it's a good thing we're running it in windows so it can't screenshot other apps or inject key events".

It's not like it's not a valid argument, just that it's sort of a nitpick. Security is hard, and defense in depth is a thing, but this particular attack surface is way, way back in the "depth" stack for a modern app deployment.

1 more reply

account421y ago

It very much is. I expect programs running on my computer to not be restricted in how they can help me.

j / k navigate · click thread line to collapse

0 comments

11 comments · 3 top-level

l721y ago· 5 in thread

I still really miss X11's Zaphod mode, where you had two independent X sessions (:0.0 and :0.1) on two different monitors, with different window managers and different windowing rules.

I miss the days of being able to trust my computer and trust my software.

singpolyma31y ago

l721y ago

3 more replies

marcosdumay1y ago

> If you can't trust your locally installed software, everything is lost.

That's only true if you decide to trust it.

You can deal perfectly well with software you distrust, and not have it harm your system.

1 more reply

BlueTemplar1y ago

> Commercial software from "reputable" companies can't be trusted to not pull a ton of analytics and personal data off your computer.

Thankfully, for a lot of software, there is no reason to ever give them network access in the first place.

account421y ago

ajross1y ago· 3 in thread

boudin1y ago

p_l1y ago

ajross1y ago

1 more reply

account421y ago

It very much is. I expect programs running on my computer to not be restricted in how they can help me.

j / k navigate · click thread line to collapse