Announcement

Collapse
No announcement yet.

Prolific Red Hat Developer Starts Up "Wayland Itches" Project

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • retardxfce
    replied
    Originally posted by debianxfce View Post

    Believing that IBM software protects you is stupid. Only protection is the virus scanner.
    Imagining believing that a virus scanner on linux is anything more than placebo

    Leave a comment:


  • skewty
    replied
    Weasel You seem to be complaining that protection that may be required when you least expect it is being forced upon you. People don't plan to have car accidents and any more than people swing a hammer at a nail expecting it to land on their finger.
    Perhaps we can borrow the analogy of a condom and being allowed to remove it to be with your wife (our metaphor for two trusted applications). Now imagine that your wife is a nurse and caught something at the hospital earlier that day that is highly contagious. Sleeping with her tonight without a condom will surely pass this infection onto you as well.

    Any required interaction between well written apps can be through safe tunnels (pun intended) with no loss in end result; it just needs to be done differently than before.

    "Trusted apps" of the past that turned out to be conduits for infection.
    Microsoft Word + Excel (macros), Adobe Acrobat Reader, Internet Explorer, Anti Virus update software.....

    The sad truth is most users cannot be trusted to make intelligent decisions for their PC.

    Software that is thought to be safe one day is the conduit of a 0-day the next...

    Perhaps this perspective will help you understand that there is an opportunity here for you to see this step as being one in the right direction.. for the greater good (because infected computers often run computer instructions that spread their infection purposefully with malevolent intent). Nobody wants to be that guy who caught something from his wife; that's not something we are likely to brag about.

    Leave a comment:


  • Weasel
    replied
    Originally posted by xfcemint View Post
    The applications that are run by different users cannot easily cooperate synergistically. Can applications by two different users share a desktop session? A clipboard? It's the exact opposite of what Weasel claims, running apps as two different users is cumbersome.
    They can share that stuff, but I don't see how it's much of a problem that they can't cooperate.

    You choose to isolate one of them, so it's to be expected. I mean, if you trust it then don't isolate it?

    Better than not even having a choice like in Wayland where isolation is forced.

    Leave a comment:


  • xfcemint
    replied
    Originally posted by debianxfce View Post
    Linux is not windows. You can not do much harm within a user session.
    Originally posted by Slithery View Post
    That's just nonsense...
    I think that debianxfce was reffering to a separate user account. That one would lack Gmail, Paypal etc. Possibly it can even lack network access.

    But then you don't get integration of user's desktop session.

    Leave a comment:


  • Slithery
    replied
    Originally posted by debianxfce View Post

    Linux is not windows. You can not do much harm within a user session.
    That's just nonsense...

    Last edited by Slithery; 05-19-2019, 02:36 PM.

    Leave a comment:


  • xfcemint
    replied
    Originally posted by debianxfce View Post

    You can use virtualbox. The clipboard and file sharing works after installing a virtualbox plugin.
    Yep, you can use VirtualBox, or any other emulator/hypervisor out there. And VirtualBox is nice because it has snapshots.

    The problem is in the concept called "level of integration". Which would be low for virtualbox. But it does have the shared clipboard. It's missing UNIX pipes, though. Yeah, that's a bummer, if I use VirtualBox, I cannot pipe freely an application inside it with the ones outside. That is a kind-of anti-Unix. What a bummer.
    Last edited by xfcemint; 05-19-2019, 12:53 PM.

    Leave a comment:


  • xfcemint
    replied
    Originally posted by debianxfce View Post
    Linux is not windows. You can not do much harm within a user session. Viruses are rare in Linux and you do backups of your own work and scan your computer with clamtk. So far clamtk has found trojans in ~/.cache/mozilla folder and similar web browser caches.
    Yes, but I find it rather incovenient to work as two different users. The applications that are run by different users cannot easily cooperate synergistically. Can applications by two different users share a desktop session? A clipboard? It's the exact opposite of what Weasel claims, running apps as two different users is cumbersome.

    If you try to make it less cumbersome by giving the second user additional privileges, then it becomes insecure.

    And I don't like workarounds. Especially when security is in question.

    Leave a comment:


  • Weasel
    replied
    Originally posted by xfcemint View Post
    You are a complete retard. That's not how it's done.

    If you have a risky application, you run it on another computer. After each run, reinstall the OS from an image to be safe.

    Another solution is to have a separate computer for each application. That's how it has always been in the UNIX land.
    I think you're confusing Unix with Windows here, where everything used to run under Admin. Retard.

    Leave a comment:


  • xfcemint
    replied
    Originally posted by Weasel View Post
    Like I said, if you want that isolation, run it as another user. That's how it has always been in Unix land.
    You are a complete retard. That's not how it's done.

    If you have a risky application, you run it on another computer. After each run, reinstall the OS from an image to be safe.

    Another solution is to have a separate computer for each application. That's how it has always been in the UNIX land.
    Last edited by xfcemint; 05-18-2019, 09:15 AM.

    Leave a comment:


  • Weasel
    replied
    Originally posted by xfcemint View Post
    When isolation is properly implemented, as described, a user has the power to run ANYTHING whithout being scared that an app can compromize the system. You can run a closed source app, a virus, an app by a shady company, an app from Microsoft, some add-ridden shareware, an app by Russian hackers, a trojan, whatever, the user and OS is always safe.
    Like I said, if you want that isolation, run it as another user. That's how it has always been in Unix land.

    Same reason if you want to run something really dangerous you make a conscious decision and at least try to run it in a VM on top of other isolations. You don't get this by default. Imagine how insane it would be to isolate even stuff like bash or the terminal. Why would my favorite text editor be any different and be isolated by default?

    For example did you know tons of Wine apps broke when they couldn't read memory of another app (same user) and you had to add a kernel sysctl to make them work? Obviously those apps are not malware, they just want to synergize with another one of them, most likely why Windows has more user friendly stuff than what you find on Linux also.

    I don't use a piece of shit mobile OS with full-screen apps that are "independent" of each other. If I wanted that I'd be using Qube OS or whatever it was called where every single app is in a different VM. Yuck.

    Leave a comment:

Working...
X