Announcement

Collapse
No announcement yet.

Wayland Remote Desktop May Come To Fedora 29

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by RussianNeuroMancer View Post
    Why not Spice?
    Or rdp.

    Vnc runs like shit, why not replace it with something better.

    Comment


    • #12
      how many native programs are currently based on wayland?
      Last edited by Azrael5; 06-09-2018, 07:44 AM.

      Comment


      • #13
        Originally posted by misp View Post

        Or rdp.

        Vnc runs like shit, why not replace it with something better.
        VNC is a very simple protocol anyhow

        Comment


        • #14
          Originally posted by Azrael5 View Post
          how many native tasks are currently based on wayland?
          What is a native task?

          Comment


          • #15
            Originally posted by R41N3R View Post

            What is a native task?
            I mean a native program based on wayland instead of xwayland.

            Comment


            • #16
              Originally posted by Azrael5 View Post

              I mean a native program based on wayland instead of xwayland.
              So virtually any program using qt5 or gtk3?

              Most programs utilizing a framework shouldn't really care about wayland vs X11 because they are doing exactly the same, render locally and then handing over the buffer to have it displayed.

              There are a few differences, I admit, like global hotkeys or screen recording but that is mainly due to the more secure design of wayland over X11 (with wayland, a virus cannot alter for example the output of firefox by just drawing over it or collecting all your keystrokes of a different program.) It is really hard to distinguish a keylogger from a program looking for keystrokes to do hotkeys so thats were some work is afaik still missing.

              Comment


              • #17
                Originally posted by kaprikawn View Post
                Wayland has been designed with security in mind
                Please, that's not security it's pseudo-security at best. Just because some poeple use their PCs as a tablet or a game console does not mean that "there are no problems or missing features, who needs those?!?!??"

                See for more opinions: https://news.ycombinator.com/item?id=12531212

                The basic rule in unix is: run an application under the same user as the one you gave sudo access to, and you implicitly TRUST it. If you're afraid of keyloggers for example (and exploits will always exist no matter of idealistic bs, there have been wayland keyloggers already), then simply shut down every other user that's untrusted before inputting something sensitive. sudo password is irrelevant though, since they shouldn't have access to sudo in the first place.

                Comment


                • #18
                  Originally posted by Weasel View Post
                  Please, that's not security it's pseudo-security at best. Just because some poeple use their PCs as a tablet or a game console does not mean that "there are no problems or missing features, who needs those?!?!??"

                  See for more opinions: https://news.ycombinator.com/item?id=12531212

                  The basic rule in unix is: run an application under the same user as the one you gave sudo access to, and you implicitly TRUST it. If you're afraid of keyloggers for example (and exploits will always exist no matter of idealistic bs, there have been wayland keyloggers already), then simply shut down every other user that's untrusted before inputting something sensitive. sudo password is irrelevant though, since they shouldn't have access to sudo in the first place.
                  WTF are you even talking about? Wayland is more secure then X11 and not pseudo secure. In X11 every application got every keystroke so your sudo password was also visible to your music player for what ever reason. That is now gone in wayland. The only way to now grep them is if you already have root access. Same for recording the screen (or you need ask the compositor to do it) or altering arbitrarily parts of other programs. So in wayland, I cannot hide code in your music player that will overwrite pixels in firefox, for example displaying a "https secure icon" then the connection is actually not secure.

                  Wayland also solves the screensaver problem. For people not knowing what this is, in X11 the screensaver is just a normal application running in full screen capturing all input. Crash the screensaver and you have access to the computer. Remember all this silly bugs with "Oh tap backspace 23 times to unlock the pc", yeah, exactly that.

                  So please, elaborate how this is pseudo security which i would read as giving the feeling of being secure while actually not being secure.




                  Comment


                  • #19
                    Originally posted by pininety View Post
                    WTF are you even talking about? Wayland is more secure then X11 and not pseudo secure. In X11 every application got every keystroke so your sudo password was also visible to your music player for what ever reason. That is now gone in wayland. The only way to now grep them is if you already have root access. Same for recording the screen (or you need ask the compositor to do it) or altering arbitrarily parts of other programs. So in wayland, I cannot hide code in your music player that will overwrite pixels in firefox, for example displaying a "https secure icon" then the connection is actually not secure.
                    And what can an application do with your sudo password if it doesn't have sudo privilege?

                    What part of same user = implicitly TRUSTED do you not understand? This is unix 101 basics. If you don't trust an app, then don't run it with same user and privileges. Restrict its access to files, sudo, etc. Kids these days don't know shit about a proper unix setup and just want to "run apps" maybe even as "administrator" like on Windows so they have to add bullshit like UAC for "security" because people are just morons at separating privileges via users.

                    Originally posted by pininety View Post
                    Wayland also solves the screensaver problem. For people not knowing what this is, in X11 the screensaver is just a normal application running in full screen capturing all input. Crash the screensaver and you have access to the computer. Remember all this silly bugs with "Oh tap backspace 23 times to unlock the pc", yeah, exactly that.
                    That moment when you want to protect from physical access to your PC, you know it's pseudo-security.

                    Comment


                    • #20
                      Originally posted by Weasel View Post
                      And what can an application do with your sudo password if it doesn't have sudo privilege?

                      What part of same user = implicitly TRUSTED do you not understand? This is unix 101 basics. If you don't trust an app, then don't run it with same user and privileges. Restrict its access to files, sudo, etc.
                      And this is not possible with X11 but with wayland. Lets take firefox as an example. I think we can agree we should not trust a browser (tons of code, tons of external input which needs to be processed and so on) so lets make an extra user for it and run it only with that user! But wait, it needs access to your X11 server to display anything! Oh wait, the moment we give it access to the X11 server it gets every single keystroke, access to every other apps screen and so on. Your proposed "fix" for us"Kids" is actually pseudo secure. You feel secure but actually arent. Now look at the situation with wayland. Firefox gets only access to its own window and only gets keystrokes if the window is in focus. Problem solved!

                      Originally posted by Weasel View Post
                      That moment when you want to protect from physical access to your PC, you know it's pseudo-security.
                      physical access != access to a running session protected by a screensaver
                      While the two are generally the same for consumers, in enterprise its not so much the case generally speaking.

                      Comment

                      Working...
                      X