Luke A. Call writes:
>
> On 2024-03-29 09:01:07-0400, James Huddle <james.r.hud...@gmail.com> wrote:
> > Exfiltrator. There's an 11-letter word that starts with "ex". X11.
>
> After a quick web search, I'm not sure I follow. Is that a reference to
> a program that exfiltrates data after a computer is compromised? Can you
> elaborate a little? I realize this is an ignorant question.

In short, there is a well-known shortcoming, or feature depending on who you ask, inherent in the X protocol's design where any application which uses the X server (i.e. can access the TCP port or Unix socket and has the correct xauth key, which is to say all of them) can request (and get) the ability to read all of the X events, which includes every key press and mouse movement in every application.

Exfiltrator is 11 letters and we are at X protocol version 11.

There are common mitigations against this problem, such as not giving strangers the ability to run unknown programs on your console.

Matthew
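
As an added example that is not part of the thread: a small shell audit for the access conditions described above, flagging settings that let more clients reach the X server or connect without the xauth key. The function names and sample input are constructed for illustration; the `xhost` output strings and the `-ac` and `-listen tcp` server options are the standard ones.

```shell
#!/bin/sh
# Added example: flag X11 settings that widen who can connect to the display,
# and therefore who can read every client's key and pointer events.

# Reads `xhost` output on stdin and prints one finding per relevant line.
audit_xhost() {
    while IFS= read -r line; do
        case "$line" in
            "access control disabled"*)
                echo "HIGH: access control disabled, any client may connect" ;;
            INET:*|INET6:*)
                echo "HIGH: remote host allowed without a cookie: $line" ;;
            LOCAL:)
                echo "MEDIUM: all local users allowed without a cookie" ;;
            SI:localuser:*)
                echo "INFO: local user allowed: ${line#SI:localuser:}" ;;
        esac
    done
}

# Takes the X server command line as one string and reports risky options.
audit_xserver_args() {
    case " $1 " in
        *" -ac "*) echo "HIGH: server started with -ac (access control off)" ;;
    esac
    case " $1 " in
        *" -listen tcp "*) echo "HIGH: server listens on TCP (port 6000 + display number)" ;;
    esac
}

# Constructed sample input, not captured from a real host.
SAMPLE_XHOST='access control enabled, only authorized clients can connect
INET:build-box.example
SI:localuser:alice'
SAMPLE_ARGS='Xorg :0 -listen tcp -auth /tmp/constructed.xauth'

printf '%s\n' "$SAMPLE_XHOST" | audit_xhost
audit_xserver_args "$SAMPLE_ARGS"
```

On a live session, `xhost | audit_xhost` runs the same check against the real access list.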