Announcement

Collapse
No announcement yet.

SDL2 Lands Support For Client-Side Decorations On Wayland

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #71
    Originally posted by krzyzowiec View Post
    Simpler is always better, especially from a security standpoint, but also from a maintenance and feature development one. In programming there is never a situation where simpler is not better.
    Sigh, as ssokolow wrote: use MS-DOS then, it's much simpler than Windows or Linux..


    Originally posted by krzyzowiec View Post
    I honestly believe using QubesOS is crazy.
    And I believe you didn't fairly evaluate it (probably because it shows that Wayland's design is *too simple*), what's the alternative for a 'secure' desktop OS?
    Rewrite everything in Rust? Well, you'll have to wait a long time, in the meantime QubesOS is here now.

    Comment


    • #72
      Originally posted by Jaxad0127 View Post
      Transparent images don't seem to have that problem. Why should an application draw buffer be different? Just allow an alpha channel and make sure you composite it correctly to avoid leaking info to the app.
      Shadows transparent effect there more than 1 yes not all can be done with alpha channel this include the blur effect you see in Aero Glass because pixel under to pixel above the shadow are not a straight though line.

      When I said shadow transparent effect I was referring to like using a shader to do like aero glass effect and other not simple shadows.

      Originally posted by ssokolow View Post
      What about Aero Glass-style blur effects? The window may be able to use an ARGB visual, but the compositor still needs to be responsible for accessing the pixels below it and applying a blur effect. Sooner or later, you get back to "If we have to get the compositor involved anyway to achieve what we want, why not just let the compositor do it all and gain some robustness in the process?"
      Of course there is a problem having the compositor doing too much with latency. This is case you cannot win.

      CSD has it place SSD has it place. Not every person likes their windows having complex shadows that require shader to render the shadow right and the people who don't want that feature should not have the overhead. But the people who want that feature should be able to have it by some means as well.

      Lot of ways I believe all Linux applications should support CSD and SSD. We need to sort out the CSD side to have library to make doing it simple that almost everyone uses.

      Something to remember the most X11 common windows managers/DE on Linux did not use shadows around their windows.

      Comment


      • #73
        Originally posted by ssokolow View Post
        Go run MS-DOS then. It must be the most secure, maintainable, feature development-friendly mainstream OS to ever run on PC Compatible hardware.

        For those who are too thick to get the underlying message, I'll refer to the famous Einstein paraphrase, "everything should be as simple as possible, but not simpler". Of course you can make things simpler by arbitrarily punting on responsibility for things end-users need and declaring the end-users wrong.
        In this context we are talking about how to draw a window. Both implementations achieve this goal, but one method is simpler. The only argument I see in favor of the more complicated method is that you might gain some (dubious imo) security benefit from not allowing the windows to control their own drawing, but obviously that again goes entirely against what Wayland is about.

        Originally posted by renox
        Sigh, as ssokolow wrote: use MS-DOS then, it's much simpler than Windows or Linux..
        See above, since you didn't get my meaning. I'm talking about feature equivalence. Is MS-DOS even remotely comparable to Linux? Obviously not. Simpler is always better, but you do actually have to accomplish the task the user wants done...

        Originally posted by renox
        [And I believe you didn't fairly evaluate it (probably because it shows that Wayland's design is *too simple*), what's the alternative for a 'secure' desktop OS?
        Rewrite everything in Rust? Well, you'll have to wait a long time, in the meantime QubesOS is here now.
        When I read users of QubesOS say they only successfully resume from suspend 10% of the time... Yeah I think I'll take a normal functioning desktop with relatively good security vs dealing with painful usability issues for some security benefit that I don't even know is real.


        Comment


        • #74
          Originally posted by krzyzowiec View Post
          When I read users of QubesOS say they only successfully resume from suspend 10% of the time... Yeah I think I'll take a normal functioning desktop with relatively good security vs dealing with painful usability issues for some security benefit that I don't even know is real.
          What rock have you been living under? Linux has a long history with "trouble resuming from suspend" and some of us do own devices other than laptops. Hell, the last time I was using a laptop as my main device, battery life was low enough that asking Windows 9x to suspend on those IBM ThinkPads wasn't worth the hassle it could cause.

          Comment


          • #75
            Originally posted by krzyzowiec View Post
            When I read users of QubesOS say they only successfully resume from suspend 10% of the time... Yeah I think I'll take a normal functioning desktop with relatively good security vs dealing with painful usability issues for some security benefit that I don't even know is real.
            High security setups normally don't use suspend because that equals writing data to storage that may not be secure.
            https://ts.data61.csiro.au/projects/TS/cddc.pml.html

            QubesOS is something I could say that you could put on a system and play with. Like you are not going get you hands on a "Cross Domain Desktop Compositor" block of hardware. Yes QubesOS uses VM but other deployed items are using full hardware splitting. Yes the Cross Domain Desktop Compositor can be overwriting the window boarders by force.

            Yes the concept of sending you window layout down the Display port to have the "Cross Domain Desktop Compositor" display the window on a different location on screen and alter mouse and keyboard input so it makes sense to the individual computers. Yes "Cross Domain Desktop Compositor" that is independent 3 computers connected to 1 box that has 1 one keyboard 1 mouse and 1 screen with the applications on all the 3 computers being displayed on the screen all at the same time. Yes these setups SSD makes sense so that each Domain is clearly displayed in each windows boarder.

            krzyzowiec when you get into military usages there are a lot of time things take a turn for the insane. I guess you never consider that there was the in hardware version of QubesOS in use today. The resume from suspend is not expected feature in the high security setups because you don't suspend you shutdown and boot up clean.

            The security requirement is real and QubesOS is only really a example I can point to that a person can download and try on normal system. Yes there is lot of effort to implement this stuff in real hardware using fpga chips. Again the fpga chips choice is another thing done for security reasons.

            krzyzowiec like it or not the really high security desktop is a very different beast to your normal desktop. Linux support normal though to insanely high secure setups. Yes some of the choices with wayland do link to being more high security like.



            Comment


            • #76
              Originally posted by ssokolow View Post

              What rock have you been living under? Linux has a long history with "trouble resuming from suspend" and some of us do own devices other than laptops. Hell, the last time I was using a laptop as my main device, battery life was low enough that asking Windows 9x to suspend on those IBM ThinkPads wasn't worth the hassle it could cause.
              Not the same rock as you I suppose. I have no problem with suspend under Linux using an Intel Broadwell laptop, nor with my Ryzen 5900x/Radeon 6800 desktop. Suspend makes a big difference to me in both cases because I don't waste power unnecessarily, and in the case of my laptop, it's very convenient to just close the lid, carry it to another location, and then simply open it again when I'm ready to use it.

              Originally posted by oiaohm
              krzyzowiec like it or not the really high security desktop is a very different beast to your normal desktop. Linux support normal though to insanely high secure setups. Yes some of the choices with wayland do link to being more high security like.
              Sure but it's not like Wayland is a low security solution. One of the reasons for its existence is application isolation. It's true that once you start talking about military then your requirements change, but I'm just a regular desktop user. I like a balance of security and convenience since my secrets aren't going to lead to life and death consequences.

              Comment


              • #77
                Originally posted by krzyzowiec View Post
                Sure but it's not like Wayland is a low security solution. One of the reasons for its existence is application isolation. It's true that once you start talking about military then your requirements change, but I'm just a regular desktop user. I like a balance of security and convenience since my secrets aren't going to lead to life and death consequences.
                Problem here there is not the divide you think there is. Like you use libreoffice on your regular desktop right. You find libreoffice installed in your high security desktops as well. Also the ones needing high security desktops are some of the parties who have the money to pay developers to work on the Linux desktop.

                There are quite a few bits of software you use on your regular desktop user desktop that are used in the high security desktop. This makes software development problem way more horrible right. High security wants SSD and performance wants CSD. Please note there are such things as low security high performance desktops as well.

                So you have regular desktop with middle of the road security. You have high security desktops that have high security and you have high performance low security desktops.

                Regular desktops historically have been a mix of SSD and CSD. Windows is in fact CSD(CSD is done in libraries this is why applications are able to add buttons to the windows bar) and MacOS has been SSD and Linux X11 server general desktops have been a mix of both.
                High security desktops have historically been pure SSD.
                Low security high performance desktops have been pure CSD.

                Think about it running 1 application locked to full screen on terminal you don't need a stack of application security things. Yes you would see this with some of the X11 use cases in car entrainment systems and flight systems(scary right low security desktop running X11 being used as part of flight system). Performance critical is not your normal desktop as this have like desktop must be able to restart in under 1 second.

                Its wacky right that there are applications that are used in low security, high security and regular desktop that are all the same application.

                Comment


                • #78
                  Originally posted by oiaohm View Post
                  Regular desktops historically have been a mix of SSD and CSD. Windows is in fact CSD(CSD is done in libraries this is why applications are able to add buttons to the windows bar) and MacOS has been SSD
                  MacOS uses CSD now, just as Windows does.


                  Comment

                  Working...
                  X