Announcement

Collapse
No announcement yet.

XWayland & X.Org Server See New Releases Due To Three More Security Vulnerabilities

Collapse
X
Collapse
 
  • Page of 5
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 5 template Next
  • #21
    Originally posted by Veto View Post
    I think you are conflating exposure with security. Or do you really think these vulnerabilities are not real?

    It has its benefits being a low value target running an obscure platform. ("Where the hell are the millions of X11 desktop users?" ) So being a Linux desktop user is inherently less risky (than eg. Windows). But most people still wants their Linux desktop without obvious security holes.

    Oh - and the examples of Linux malware certainly are out there. You can just as well search for it yourself...
    I think you don't understand security or/and you're trolling. Both ways I have nothing to discuss with the person who has nothing to show for their lies.

    Malware exists, Windows has millions of pieces of it. For some reasons such a gaping hole in Linux has zero pieces of malware. If it tells you nothing, then I surely can't add anything either because logic, common sense and rationale are totally lost on you. Goodbye. Maybe other less tech-savvy simpletons will believe your lies. Surely there are some considering this "X11 is insecure" mantra which has been perpetuated for a decade now by Wayland apologists.
    Last edited by avis; 25 October 2023, 11:32 AM.
    • Likes 6

    Comment

    • #22
      I would surmise the reason we're seeing so many more sec vuln coming out of Xorg land is because the tools and means to detect them have dramatically improved in the past 5+ years. Imagine who's pointing some kind of AI-based fuzzer or other such similar bug / vuln hunting tool at this old code? It's only going to get worse from here on out. But on the positive side, at least they're getting fixed when found. It doesn't bode well for those ancient Linux systems running out there exposed to the Internet or "curious" local users.

      It's all written by humans folks. "If it ain't broke, don't fix it" is only what idiots still believe in the world of computers and IT. I'll say a million more times: It's broke. You're just not smart enough to know where or how. Thanks to those remaining Xorg folks for still caring to even fix it. We all benefit.
      • Likes 5

      Comment

      • #23
        Originally posted by fitzie View Post
        [...l] mproves xorg users just like it does wayland sufferers.
        What?!
        on what flatland do you live on?
        Why would Wayland 'sufferers'?

        Mesa works on wayland too... and finally distributions are planning to move away form X11.
        You are betting on a dead horse , but please throw away your money


        • Likes 5

        Comment

        • #24
          1988 🤔 just few days ago. 🤭
          Last edited by MorrisS.; 25 October 2023, 01:52 PM.

          Comment

          • #25
            Nice work

            X11 has traditionally had no real security. There are "security extensions", but no modern Linux distro meaningfully uses them, and they're probably full of vulnerabilities anyway. Also modern UI features are implemented using grabs & other features that are incompatible with isolating different GUI apps from each other. Even Qubes OS uses its own proxy mechanism, rather than allowing apps to talk directly to the X server.

            So I'm not alarmed by this; but ot's just nice to see people working chipping away at these vulnerabilities, trying to prevent the same situation from re-occurring with Wayland.

            Comment

            • #26
              Originally posted by MorrisS. View Post
              1988 🤔 just few days ago. 🤭
              Let us know when you stop using the Linux kernel because of all its old security vulnerabilities.

              Someone needs to tell Linus to re-write it in rust. That would fix everything, I'm sure.
              • Likes 1

              Comment

              • #27
                Originally posted by andyprough View Post

                Let us know when you stop using the Linux kernel because of all its old security vulnerabilities.
                Someone needs to tell Linus to re-write it in rust. That would fix everything, I'm sure.
                There is a difference. The Linux kernel usually has vulnerabilities because of bugs. In the case of X I understand the problem is that it was designed in a way that didn't consider at all the kind of security issues that exist today 30 years later. That is much more difficult to fix.

                I assume that you intended you comment about Rust to be sarcastic. A good percentage of those vulnerabilities in the Linux kernel are caused by bugs that rust is designed to prevent, so they would not be possible. And someone already brought a much more sensible proposal to Linus, to not rewrite anything but to add experimental support to build new Linux drivers in Rust. Linus at least liked the idea because it has been release originally in Linux 6.1 (December 2022).

                By the way, Microsoft and Google had similar findings. Microsoft has been re implementing parts of GDI -it is part of Windows Kernel- in Rust.

                • Likes 3

                Comment

                • #28
                  Originally posted by avis View Post

                  I think you don't understand security or/and you're trolling. Both ways I have nothing to discuss with the person who has nothing to show for their lies.

                  Malware exists, Windows has millions of pieces of it. For some reasons such a gaping hole in Linux has zero pieces of malware. If it tells you nothing, then I surely can't add anything either because logic, common sense and rationale are totally lost on you. Goodbye. Maybe other less tech-savvy simpletons will believe your lies. Surely there are some considering this "X11 is insecure" mantra which has been perpetuated for a decade now by Wayland apologists.
                  What lie did I tell?!?

                  You seem to be rather inflammatory yourself...
                  • Likes 4

                  Comment

                  • #29
                    Originally posted by Veto View Post
                    What lie did I tell?!?

                    You seem to be rather inflammatory yourself...
                    It's great that you've finally admitted that you had been trolling all the way 'cause otherwise, you know, you'd have provided a ton of arguments for you PoV. I see none. Jokes and discussing the other person.
                    • Likes 1

                    Comment

                    • #30
                      Originally posted by avis View Post

                      It's great that you've finally admitted that you had been trolling all the way 'cause otherwise, you know, you'd have provided a ton of arguments for you PoV. I see none. Jokes and discussing the other person.
                      And what jokes did I now tell?!? And what other person did I discuss?

                      You acuse me of a lot, but seem to be arguing with some complete other person. Please take a deep breath and keep the discussion factual...
                      • Likes 2

                      Comment

                      Previous 1 2 3 4 5 template Next
                      Working...
                      X