@Matteo On Sunday, February 11, 2018 at 9:18:16 AM UTC+1, Matteo wrote: > > Does anyone know the 'alt+space+f'(fullscreen) command, or where to find > > it? Or are there none available in /bin /usr/bin or similar? > > i think that you have to press that keys on the keyboard, is not a > terminal command (in fact you can't find in /usr/bin) > > if you press alt+space bar a menu should pop up, the same menu can be > seen by clicking in the title bar of the window, from there you can see > maximize, minimize, close, and probably also fullscreen that can be > quickly selected with f. > > note that qubes by default doesn't allow fullscreen, unless you enable > it. also usually websites and programs have a easily accessible > fullscreeen button (youtube). > > but i'm not sure about what you want to do. > hope it helps
Your words about security kept nagging at me on repeat, so I had a second look at what is written about the security topic of fullscreen. It's slightly different from what I remember, but it doesn't seem like it can expose dom0 and other VM's still though, but may still be harmful indeed. Quote: "Why is full screen mode potentially dangerous? If one allowed one of the VMs to “own” the full screen, e.g. to show a movie on a full screen, it might not be possible for the user to know if the applications/VM really “released” the full screen, or if it has started emulating the whole desktop and is pretending to be the trusted Window Manager, drawing shapes on the screen that look e.g. like other windows, belonging to other domains (e.g. to trick the user into entering a secret passphrase into a window that looks like belonging to some trusted domain)." /quote-end. It looks like fullscreen can't do "attacks" on dom0 and other VM's, but it can do something like keylogging, just visually from the screen instead, perhaps something akin to taking frequent light sized screenshots and then sending the screenshots over the internet. But this is supposedly only a problem if fullscreen can be executed from within the VM itself, so as long as the "controls" for fullscreen remains in a secure domain, such as dom0 keybinds, it should remain safe, as the moment you use dom0 to stop fullscreen, the VM has no means to keep up its attack to keylog screenshots. I suppose that's what is meant by these words, maybe there is more to it. But it seems quite harmful if you don't mind an attacker knowing what movies you are watching, and even then, in this case it probably makes no difference if using fullscreen or not anyhow, as the non-fullscreen can be keylogged as well. So I suppose, as long you don't do anything in other windows, that has sensitive information, while you use fullscreen, we're safe. Unless I've misunderstood something? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7cacb64f-6e72-4e17-8340-0c48344dfaf1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
