Most active commenters
  • ajross(3)
  • singpolyma3(3)

←back to thread

Show HN: X11 tool to share a screen area in any video meeting

(github.com)
345 points splitbrain | 19 comments | 14 Oct 24 13:11 UTC | HN request time: 1.656s | source | bottom
Show context
OsrsNeedsf2P ◴[14 Oct 24 14:08 UTC] No.41837682[source]
I love how simple this is- Barely 100 lines or C++ (ignoring comments). That's one thing that makes me prefer X11 over Wayland.
replies(8): >>41837906 #>>41838181 #>>41838339 #>>41838393 #>>41838489 #>>41838500 #>>41838693 #>>41844644 #
ajross ◴[14 Oct 24 14:32 UTC] No.41837906[source]
Yeah. I mean, not to deny the decades of arguments over its warts, but it's kind of amazing to me the extent to which X11 has emerged as, well, the simplest/best and most hackable desktop graphics environment available. You want to play a trick, it's right there. The ICCCM got a ton of hate back in the early 90's, but... no one else has an equivalent and people still innovate in the WM space even today.
replies(3): >>41837945 #>>41838252 #>>41838490 #
1. WD-42 ◴[14 Oct 24 14:36 UTC] No.41837945[source]
Hackable is right. But not always in the positive sense of the word.
replies(3): >>41838020 #>>41838239 #>>41848314 #
2. ajross ◴[14 Oct 24 14:44 UTC] No.41838020[source]
FWIW, the threat model you're imagining is an attacker being able to run code to display directly to the desktop using the lowest level native API. A local[1] code exploit at the level of an interactive user is already a huge failure in the modern world.

Is that a reasonable argument against using X11? Sure, for some use cases. Is it a good argument for wayland/windows/OSX/whatever to do your tiling WM experimentation? Not really, those environments kinda suck for playing around with.

[1] Or "local-ish", your system or a trusted remote has to have been compromised already. Untrusted X11 protocol still exists but is deliberately disabled (and often blocked) everywhere. Even ssh won't forward it anymore unless you dig out the option and turn it on manually.

replies(1): >>41838173 #
3. boudin ◴[14 Oct 24 15:00 UTC] No.41838173[source]
Isn't any app that can access read the x11 socket able to read any input? It's not just running an explicitly malicious app but also the risk of compromising an app which can read the x11 socket (e.g. Firefox)
replies(2): >>41838232 #>>41838427 #
4. ajross ◴[14 Oct 24 15:06 UTC] No.41838232{3}[source]
Yes, exactly. I'm just saying that the response to a remote browser exploit in firefox is more likely to be "YIKES ZERO DAY IN FIREFOX!!!!!" and not "well it's a good thing we're running it in windows so it can't screenshot other apps or inject key events".

It's not like it's not a valid argument, just that it's sort of a nitpick. Security is hard, and defense in depth is a thing, but this particular attack surface is way, way back in the "depth" stack for a modern app deployment.

replies(1): >>41838897 #
5. l72 ◴[14 Oct 24 15:07 UTC] No.41838239[source]
I find it very interesting how much our threat model has changed in the last 10-15 years. We no longer trust even local software, as we have to assume everything is now malicious. Commercial software from "reputable" companies can't be trusted to not pull a ton of analytics and personal data off your computer. We now have to worry about every piece of software being a keylogger and spying on other windows/applications and reporting back.

We've had to give up so much flexibility. Wayland certainly focuses on plugging this hole, but it means we've lost all these cool utilities like this one. There was just so much you could do with devilspie, xdotool, and others to make sure my operating system and window environment worked for me.

I still really miss X11's Zaphod mode, where you had two independent X sessions (:0.0 and :0.1) on two different monitors, with different window managers and different windowing rules.

I miss the days of being able to trust my computer and trust my software.

replies(3): >>41838768 #>>41843903 #>>41848347 #
6. p_l ◴[14 Oct 24 15:29 UTC] No.41838427{3}[source]
It's also why there existed more advanced security extensions for X11 (like security labels for windows), but also why even bare-bones X11 had methods to ensure that only one specific application was getting input, specifically to handle secure input like with passwords.
7. singpolyma3 ◴[14 Oct 24 15:59 UTC] No.41838768[source]
If you can't trust your locally installed software, everything is lost. I understand where this new threat model comes from for some people but I'd rather continue to avoid bad software sources than hamstring my OS in the hopes of avoiding malware I installed on purpose.
replies(2): >>41838874 #>>41838990 #
8. l72 ◴[14 Oct 24 16:08 UTC] No.41838874{3}[source]
I agree. But can you trust Zoom? What about Office or Photoshop? Can you trust Websites or your browser anymore? Even open source apps have analytics in them that may not be trustworthy anymore (firefox, audacity, ...).
replies(3): >>41840834 #>>41841319 #>>41847222 #
9. superkuh ◴[14 Oct 24 16:11 UTC] No.41838897{4}[source]
Javascript has managed to even ruin the linux desktop. Running every random JS application sent to your browser VM makes the browser insecure which means the entire computer can't be trusted. This is the reason things like the waylands enforce a smartphone like model of security where the user's applications aren't allowed to communicate or interact with other elements of the graphical desktop. Applications aren't trusted. So the user isn't trusted. A trade-off not worth it.
replies(1): >>41840874 #
10. marcosdumay ◴[14 Oct 24 16:19 UTC] No.41838990{3}[source]
> If you can't trust your locally installed software, everything is lost.

That's only true if you decide to trust it.

You can deal perfectly well with software you distrust, and not have it harm your system.

replies(1): >>41840844 #
11. singpolyma3 ◴[14 Oct 24 19:12 UTC] No.41840834{4}[source]
This is why I don't run Zoom or Office or Photoshop or versions of Firefox or Audacity not distributed by Debian.

Browser sandboxes pretty heavily though of course one does want to be a bit careful there too.

12. singpolyma3 ◴[14 Oct 24 19:12 UTC] No.41840844{4}[source]
Yes. By not running it.
13. quotemstr ◴[14 Oct 24 19:16 UTC] No.41840874{5}[source]
Huh? What are you trying to say? There's no conflict between distrusting applications and trusting the user. Even on Android (which is pretty paranoid these days), you, the user, can still opt to trust apps with things like accessibility API access and background location.

Why exactly should we perpetuate the insecure old single-privilege-level desktop model?

replies(1): >>41853850 #
14. jrm4 ◴[14 Oct 24 20:02 UTC] No.41841319{4}[source]
I teach online for a living, and -- yep Zoom through FIREFOX only.

Coincidentally, it's also the best experience, for whatever reason it's the only on that supports virtual backgrounds on Linux for me? Neither Chrome nor Desktop seem to work for this.

15. BlueTemplar ◴[15 Oct 24 01:05 UTC] No.41843903[source]
> Commercial software from "reputable" companies can't be trusted to not pull a ton of analytics and personal data off your computer.

Thankfully, for a lot of software, there is no reason to ever give them network access in the first place.

16. lupusreal ◴[15 Oct 24 10:55 UTC] No.41847222{4}[source]
Zoom through a browser only.

As for the rest, they may have "analytics" (spyware) but are there any documented cases of any of them acting as an X11 keyloggers or covertly screenshotting the users desktop? Those are the threats Wayland asks us to fear. And Wayland won't protect us from the rest. If Firefox or Audacity phone home with reports about what I'm doing with those applications, Wayland won't stand in the way.

17. account42 ◴[15 Oct 24 13:23 UTC] No.41848314[source]
It very much is. I expect programs running on my computer to not be restricted in how they can help me.
18. account42 ◴[15 Oct 24 13:25 UTC] No.41848347[source]
What is interesting is that physical home security has gone in the opposite direction - people are happy to put dozens of devices in they home which can (and some definitely do) stream everything they hear and see to the cloud.
19. superkuh ◴[15 Oct 24 22:36 UTC] No.41853850{6}[source]
>Why exactly should we perpetuate the insecure old single-privilege-level desktop model?

Because after 10 years of heavy development none of the waylands have managed support simple things like screen readers. X11 supports screen readers and innumberable other vital accessibility features that wayland never will be able to. Some waylands might eventually develop extensions for their particular desktop but there won't ever be a way for wayland protocol because it can't. Security theater is more important than accessibility/usability for wayland that leaves many use cases and entire demographics of people out in the cold.

So yes, X11, which is still the least worst option. Better to have the ability to do all things than have to wait decades+ for developers to write complex extensions to do things (and just for their DE, causing fragmentation).