-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 01/18/17 13:06, Konstantin Ryabitsev wrote: > Hi: > > Joanna and I had a quick back-and-forth about this article today: > https://textslashplain.com/2017/01/14/the-line-of-death/ > > Pic-within-a-pic attack was mentioned, and I was wondering if we can do > more to prevent spear-attacks aimed at Qubes users. I'm willing to bet > your trusted work terminal looks exactly like this [1] (except my added > bash powerline bits). Most people won't rename it from [work] to > something else (partly for ease of copying files between VMs, partly out > of inertia), so I'm willing to bet most of you would have a blue frame > with the title "[work] user@work:~". > > What if each login session generated a short random text label displayed > prominently as part of XFCE top bar UI, to act as your "session UI > fingerprint," like "<XoaZ>" for the sake of example. Then the window > decoration title would be: > > <XoaZ>:[work] user@work:~ > > Identifying pic-within-a-pic attacks would be easier by quickly checking > if the random string in the window title matches the string displayed in > the XFCE ui (our "trusted pixels"). > > Just a thought for your consideration -- I have no idea how much work > this would be. :) > > .. [1] http://imgur.com/a/7Fzd0 >
Solutions to this problem are already implemented in Qubes, and they are described here: https://www.qubes-os.org/getting-started/#running-an-application-full-screen Are these solutions deficient? If so, in what specific way(s)? What does the proposed visual string comparison solution get us that the existing ones don't? Personally, I find it much easier just to drag a window or hit alt + tab than to visually compare anything. There's a lot of room for improvement, but I think that any new solutions should aim to make protecting against UI attacks easier for the user than it currently is, not harder. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJYf+g9AAoJENtN07w5UDAwcc4QAKe1XGs/IT2i1X8xlXQMAl8m atEPT496bjpPkFowTJRUY0OwsSywtRc70u8Ptt79baif1BANnxah/4KUhNwjzAwk UQJQHT0eoBKObRQULGLTm6jja0mcYRx8QmzjqAck3A8jYJyklf9gZxjIhA3FqgsV MvkxWrMqQUOqu4JNKGhYX75Kcxf10YY3f903RutTYh/E/qBYVsfgTk5qWsXbN4x2 Fn3SQ1usPY5QSwnKQ0UKvuMlrro0VVG63CNVnI1r4TM81/yjJgtZvp4EbJu03U1U jxtRLighoItQPWEmw2uPLx8KYvO/KGffNqBPXA6LAznDHewn6QV/W/wYCbXgGpJ8 VqehI111ot79POLX1qkpODL1wkzNIaYVibGU1DAY+Ld5u8P8K4CBExd/MQUe77CX fNqBSPzve+XBssGLwiPr2URWpRhUrpbPv7NplfEdY1hgjMxuH/PvP/35wo3Qv4iL Iq4CLIa4fJdqlsLW8XHarXhQX5D4eKaTIawTyTgouz+KUnYnZujd2zQXCUWQXfVc tEnJ2eRitp3GqF4Oa8n73D9iRAb1RwqKOd0zhO/s5X3GzzcQqdqfPWvCsKefpmZ/ kO9tkKwN3U8AqDICl5VNO3/BqK+ybCh8tkoOItSicB+jgcdPmFbJGhSidt1oeCMI vccaoM80lA9ctXfQl+Ur =lw5h -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/a98e7630-536e-db38-6f8e-eeb2a848e129%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
