On Thu, Nov 3, 2016 at 12:50 AM, Andrew David Wong <a...@qubes-os.org> wrote:
> So, the fact that you're allowed to see your screen content from yesterday 
> doesn't constitute any violation of the security model. You're still the same 
> trusted user as you were yesterday. (If I've misunderstood your concern, 
> please let me know.)

This is concerning from the perspective of one who expects a lock
screen to protect the confidentiality of your activities from
untrusted people who may temporarily have limited access to your
machine while it is locked.

But perhaps more seriously, if I understand the report correctly, this
also suggests to me the potential existence of some code path which
renders stale content from untrusted appvms in a full-screen
undecorated context? If that is true, and if it is reliably
triggerable from an appvm, then this would be a useful tool for one
attempting to trick a user with fake UI. This is purely theoretical,
and standard mitigations apply as normal (e.g. trusted window-manager
actions to differentiate true windows) but this still does cause some
concern.
