On Sun, Sep 16, 2018 at 11:15:56PM -0400, grarpamp wrote: > Any search will bring basic stuff like > > https://insecure.org/sploits/xsecurekeyboard_fequent_query.html > https://www.techrepublic.com/blog/linux-and-open-source/three-features-you-may-not-know-xterm-has/ > http://tutorials.section6.net/home/basics-of-securing-x11 > https://www.reddit.com/r/openbsd/comments/83adcn/does_openbsd_x11_not_have_security_problems/ > > Whether xorg, wayland, xenocara, drivers, ttys, init, login, getty, > etc are receiving any level of scrutiny, audits, fuzzing, code > scans, etc. The ancient and obscure it is, the less people look, > and all the above are exactly that. > Even mashing kbd on a FreeBSD can throw console into > unrecoverable must kill state. > And people talk how trust X?
There is always a trade-off between security and usability. If not X (or wayland, which I've only tinkered with), then what? I use tty programs everywhere I can, e.g. mutt for email, irssi, etc - but gotta have graphical UI sometimes. -- GPG fingerprint: 17FD 615A D20D AFE8 B3E4 C9D2 E324 20BE D47A 78C7
signature.asc
Description: PGP signature
