Announcement

Collapse
No announcement yet.

Wayland Remote Desktop May Come To Fedora 29

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • phoronix
    started a topic Wayland Remote Desktop May Come To Fedora 29

    Wayland Remote Desktop May Come To Fedora 29

    Phoronix: Wayland Remote Desktop May Come To Fedora 29

    The latest feature plan for Fedora 29 is to finally have Wayland remote desktop support in place...

    http://www.phoronix.com/scan.php?pag...Remote-Desktop

  • Weasel
    replied
    No, it's the complete opposite. I'm the "paranoid" one here, some people think that because they got a heavy metal door with a bio-scanner lock (Wayland) that they are perfectly safe from any thief and won't bother adding any extra caution. My wooden door (X11) with a simple keyhole makes me take extra measures.

    For the second quote, I don't see the problem, I do that daily for sensitive websites (including email account login). Most of them aren't even done daily, and you talk as if closing Firefox is such a big deal. I think wasting 10 seconds or so per day for extra security is worth it.

    Most websites or whatever are not that important, you can reset your password on them anyway as long as you have email access or whatever, even if you do get compromised.

    Leave a comment:


  • kaprikawn
    replied
    Originally posted by Weasel View Post
    ...and whether or not they're "secure by design" is irrelevant because exploits exist, not necessarily in the application itself...
    So when you leave your house, I assume you leave it unlocked? It doesn't matter, right? No matter what you do a really determined burgler is going to get into your house anyway, so what's the point in locking the door?

    Originally posted by Weasel
    For example, if you're about to log into some super secret account that only requires password (don't ask), why the fuck would you not quit potentially compromised apps (those with internet access) first just to be on the safe side?
    I dunno, maybe because you're not a freak. So I'm logging into a website and I need to open keepassxc to get the password. I close Firefox, because it's connected to the internet and potentially unsafe, then I type in my password to keepass, get then re-open Firefox and get back to the page and then sign in? You think that's a reasonable thing to expect end users to do in the name of securing their keepass password?

    Leave a comment:


  • Weasel
    replied
    Originally posted by starshipeleven View Post
    Because you pulled your utter insanity about killing applications and restarting them with a different user or somesuch like that was watertight when it's really not if you apply the same reasoning you apply to Wayland or namespaces.
    No, killing the user's applications is to make sure none of the apps for that user (e.g. firefoxUser) run, even if malicious in the background. It's similar to killing all of a sandbox's processes.

    I suppose you're one of those who also laughs when he's told to "reboot with live distro before generating cryptographic keys" by experts. If you do, then well, you really don't know what real security is. Clearly you must never stop potentially compromised applications (and whether or not they're "secure by design" is irrelevant because exploits exist, not necessarily in the application itself).

    For example, if you're about to log into some super secret account that only requires password (don't ask), why the fuck would you not quit potentially compromised apps (those with internet access) first just to be on the safe side?

    Probably same reason people freak out about firefox vulnerabilities that are really insignificant because they can only read its own process' memory, but ofc people use only a single firefox instance whether they login to something super secret/confidential or browse malware websites, and thus turn a complete non-factor security exploit into something big by their own incompetence.

    Leave a comment:


  • Wilfred
    replied
    Originally posted by kaprikawn View Post

    Snippet from that opinon

    [...]

    "I've never seen tearing" - Works on my machine, therefore it doesn't exist. Flawless argument, absolutely watertight. They've got me there.
    [...]
    Oh my, I've seen so much tearing in my life. Heck I can get W7 to tear. But if I use Wayland and mpv wayland output I have no tearing.
    Then I truely feel like I'm in the 21 first century.
    And yes, I started using Linux in the 20th century.

    Leave a comment:


  • renox
    replied
    I find quite amusing all this focus on Wayland security even as the project Wayland has decided that we should use client-side decorations which are less "secure" than server-side decorations (which allow the server to display special for different security level (like Qubes OS do)).

    That said does anyone know if this Wayland remote support will allow to display remotely only one window? That's very handy sometimes instead of having to display a whole desktop..

    Leave a comment:


  • kaprikawn
    replied
    Originally posted by starshipeleven View Post
    lol, confirmed, that opinion is straight trolling. X abandoned network transparency decades ago.
    I dunno, I think it's actually still possible to use Xorg in a properly network transparent way. You'd have to be running pure Xorg though and not a DE to avoid installing DRI3 and suchlike. If you're installing something like Gentoo, if you run startx before you install a DE you can get a very old-looking window environment I seem to remember. I think it's usable if you're so inclined i.e. you're a masochist or you think Windows 3.1 is a good looking GUI.

    Leave a comment:


  • Azrael5
    replied
    Originally posted by pininety View Post

    And why is that? Because they are using X11 directly and not a framework which abstracts that away.
    so, do all those program use x11? how to know which programs are full wayland compliant? thanks

    Leave a comment:


  • starshipeleven
    replied
    Originally posted by Weasel View Post
    When did I say it's only Wayland?
    When did you say also separating processes under different users can fail and you'd be screwed so it's also completely pointless "fake security"?
    Because you pulled your utter insanity about killing applications and restarting them with a different user or somesuch like that was watertight when it's really not if you apply the same reasoning you apply to Wayland or namespaces.

    I never said Wayland is less secure than X, wtf.
    None said you did, easy there on strawmans.

    I just said its security is pretty minuscule in terms of importance (at least in my opinion obviously), especially since you should still be careful online (just like with X).
    Which is the bullshit I'm shouting at, we are well past the point where "being careful" matters at all. The user cannot just tell if an application was compromised or not, and has never been in the last decades. You can maybe delude yourself, but you're posting bullshit and everyone here is reacting to that.

    The entire security model based on the user trusting applications is bullshit and stopped working when the Internet became a thing. The security model for the modern world is not trusting anything by default.

    Wayland is part of the future vision for Linux where applications will get sandboxed (like in Flatpack), and is crucial to keep the sandbox in place.

    But removing features in the name of such pseudo security (that's what I meant by pseudo) is a dumb move.
    Wayland isn't even production-ready on flagship desktops like GNOME. You can say stuff was not implemented yet, but nothing was removed.
    You know, when you build something you implement first the stuff that matters most, and leave secondary features for later.

    There's just a middle ground between security and functionality and in my opinion Wayland is skewed too much towards security (on the other hand X is also skewed too much on functionality in this context, or lack of security, but if I had to pick between these 2 evils, I'd pick functionality).
    I don't understand why you are treating Wayland as if it was a done thing you can freely use everyday. Do you actually know what you're talking about? Probably not, if you link articles that claim X11 still offers network transparency in 2018 (or even 2010).

    Wayland compositors in major desktops are still unstable and don't offer more than basic functionality because they are not finished yet. Every sane person would prefer X11 (which works and is stable, albeit with an inferior design) at this point in time.

    Leave a comment:


  • Weasel
    replied
    When did I say it's only Wayland? I never said Wayland is less secure than X, wtf. I just said its security is pretty minuscule in terms of importance (at least in my opinion obviously), especially since you should still be careful online (just like with X). But removing features in the name of such pseudo security (that's what I meant by pseudo) is a dumb move. I think it was a different thread where I said that if you want perfect security then unplug your internet connection, you won't have a lot of "features" and functionality but you'll be bullet proof.

    There's just a middle ground between security and functionality and in my opinion Wayland is skewed too much towards security (on the other hand X is also skewed too much on functionality in this context, or lack of security, but if I had to pick between these 2 evils, I'd pick functionality).

    Leave a comment:

Working...
X