Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
> It looks like fullscreen can't do "attacks" on dom0 and other VM's, but it can do something like keylogging, just visually from the screen instead, perhaps something akin to taking frequent light sized screenshots and then sending the screenshots over the internet. This is possible both if the VM is in full screen mode or "small/normal" mode. The vm can also key log the keyboard but only for keys sent to that vm (so only while it is focused). (while on a normal pc the kwylogger would be for the whole pc, here an infected vm can keylog itself). > But this is supposedly only a problem if fullscreen can be executed from within the VM itself, so as long as the "controls" for fullscreen remains in a secure domain, such as dom0 keybinds, it should remain safe, as the moment you use dom0 to stop fullscreen, the VM has no means to keep up its attack to keylog screenshots. I suppose that's what is meant by these words, maybe there is more to it. But it seems quite harmful if you don't mind an attacker knowing what movies you are watching, and even then, in this case it probably makes no difference if using fullscreen or not anyhow, as the non-fullscreen can be keylogged as well. So I suppose, as long you don't do anything in other windows, that has sensitive information, while you use fullscreen, we're safe. > > Unless I've misunderstood something? > The vm can go fullscreen if you allow it from vm permissions, (just click youtube fullscreen button). The problem is NOT if a vm can keylog (byscreenshot or by keyboard), if you open a virus a vm can keylog in both ways both if is fullscreen or not. the problem is HOW do you know in which vm you are? if you are not in fullscreen mode is as easy as watch the window title. but if is in fullscreen mode you can't tell where you are. and what if the vm draw a fake start menu? take this for example: https://textslashplain.com/2017/01/14/the-line-of-death/ go down you will see a fake paypal window inside the real browser. but that is not a paypal browser window on chrome, is a photo in the website! that is the problem that qubes aim to solve by preventing fullscreen. attacking qubes is not easy as the attacker to simulate your desktop must know what background and installed apps you have, what are your template and vm names. note that (unlike normal pc windows/linux) in qubes if you have an infected vm with keylogger you don't care very much if you insert sensitive data in other vm it will not be keylogged. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d6635d1e-dcc5-8e5b-a44a-f70be0b28315%40posteo.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
@awokd On Sunday, February 11, 2018 at 1:37:58 PM UTC+1, awokd wrote: > On Sun, February 11, 2018 12:01 pm, Yuraeitha wrote: > > > Quote: > > "Why is full screen mode potentially dangerous? > > If one allowed one of the VMs to “own” the full screen, e.g. to show a > > movie on a full screen, it might not be possible for the user to know if > > the applications/VM really “released” the full screen, or if it has > > started emulating the whole desktop and is pretending to be the trusted > > Window Manager, drawing shapes on the screen that look e.g. like other > > windows, belonging to other domains (e.g. to trick the user into entering > > a secret passphrase into a window that looks like belonging to some > > trusted domain)." /quote-end. > > I think this is saying that when you run an application full screen, it > could pretend to act like Qubes and draw fake applications to trick you > into thinking you weren't running the application any more, but your > desktop. > > It shouldn't have any access to other windows though, even in full screen. Indeed, it seems like this must be the case. If so, it seems to be a case where an attacker needs to fill in potentially lacking information to pull off an attack on the screen, in order to social engineer and trick people into typing sensitive information on the screen in a fake window. Still though, this is completely undone if the control of the screen is taken back by dom0. So it should be impossible to do this once fullscreen is withdrawn, which usually happens when a person stops watching a movie or stream. - I suppose it can still be harmful if alt+tab out of fullscreen without stopping fullscreen. - or if a legit popup of whatever kind appears and a person forgets about the fullscreen in the background and leaves it running. - or if multiple of monitors, and its fullscreen on one of them, can it then reach the other monitors? But is it really like this though? How does it work here, does a fullscreen still have control of the fullscreen if it's put in the background behind other non-fullscreen windows? In this case, if true, it would give an attacker the ability to control the screen and make whatever appear on it, even if it's in the background or maybe even if on another screen while working on a second screen. Would an attacker be able to make changes to the work screen which isn't in fullscreen mode? But I suppose whichever case it is, it hardly matters if a person always remembers to take back fullscreen with action from dom0, so that the AppVM looses its ability irregardless of what kind of attack is going on in the AppVM. But it would be interesting to know if a fullscreen window can keep drawing pixels on the screen, even if it's for whatever odd reason has been put in the background etc. while still in fullscreen mode. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/adcb7955-0d80-4c14-bc65-e605c5f0d0fc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
On Sun, February 11, 2018 12:01 pm, Yuraeitha wrote: > Quote: > "Why is full screen mode potentially dangerous? > If one allowed one of the VMs to “own” the full screen, e.g. to show a > movie on a full screen, it might not be possible for the user to know if > the applications/VM really “released” the full screen, or if it has > started emulating the whole desktop and is pretending to be the trusted > Window Manager, drawing shapes on the screen that look e.g. like other > windows, belonging to other domains (e.g. to trick the user into entering > a secret passphrase into a window that looks like belonging to some > trusted domain)." /quote-end. I think this is saying that when you run an application full screen, it could pretend to act like Qubes and draw fake applications to trick you into thinking you weren't running the application any more, but your desktop. It shouldn't have any access to other windows though, even in full screen. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9f64fad8b4037175a038e0b210a1c883.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
One example of usefulness is taking Qubes and turn it into a SmartTV. While Qubes isn't designed for this, in this age with screens having microphones and webcames, voice control, and what not, I do prefer to simply make sure SmartTV's have no internet access, and then install a secure OS like Qubes OS on a small computer. This is what I helped do for my friend and why I was looking for this command. Essentially most controls is done with a mouse and a remote keypad. Keyboard is kept hidden away unless needed for updates and so on. But the idea is to easy put Streaming videos on fullscreen, in order to use Qubes as a secure SmartTV. The keybind can be useful elsewhere I'm sure, it's just about being creative. Also now that I have the command available, I changed it to a more convenient key on my own Qubes system now that I had the command available. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/06028041-d068-4d0a-a041-888bcd8ffc89%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
@Matteo On Sunday, February 11, 2018 at 9:18:16 AM UTC+1, Matteo wrote: > > Does anyone know the 'alt+space+f'(fullscreen) command, or where to find > > it? Or are there none available in /bin /usr/bin or similar? > > i think that you have to press that keys on the keyboard, is not a > terminal command (in fact you can't find in /usr/bin) > > if you press alt+space bar a menu should pop up, the same menu can be > seen by clicking in the title bar of the window, from there you can see > maximize, minimize, close, and probably also fullscreen that can be > quickly selected with f. > > note that qubes by default doesn't allow fullscreen, unless you enable > it. also usually websites and programs have a easily accessible > fullscreeen button (youtube). > > but i'm not sure about what you want to do. > hope it helps Your words about security kept nagging at me on repeat, so I had a second look at what is written about the security topic of fullscreen. It's slightly different from what I remember, but it doesn't seem like it can expose dom0 and other VM's still though, but may still be harmful indeed. Quote: "Why is full screen mode potentially dangerous? If one allowed one of the VMs to “own” the full screen, e.g. to show a movie on a full screen, it might not be possible for the user to know if the applications/VM really “released” the full screen, or if it has started emulating the whole desktop and is pretending to be the trusted Window Manager, drawing shapes on the screen that look e.g. like other windows, belonging to other domains (e.g. to trick the user into entering a secret passphrase into a window that looks like belonging to some trusted domain)." /quote-end. It looks like fullscreen can't do "attacks" on dom0 and other VM's, but it can do something like keylogging, just visually from the screen instead, perhaps something akin to taking frequent light sized screenshots and then sending the screenshots over the internet. But this is supposedly only a problem if fullscreen can be executed from within the VM itself, so as long as the "controls" for fullscreen remains in a secure domain, such as dom0 keybinds, it should remain safe, as the moment you use dom0 to stop fullscreen, the VM has no means to keep up its attack to keylog screenshots. I suppose that's what is meant by these words, maybe there is more to it. But it seems quite harmful if you don't mind an attacker knowing what movies you are watching, and even then, in this case it probably makes no difference if using fullscreen or not anyhow, as the non-fullscreen can be keylogged as well. So I suppose, as long you don't do anything in other windows, that has sensitive information, while you use fullscreen, we're safe. Unless I've misunderstood something? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7cacb64f-6e72-4e17-8340-0c48344dfaf1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
On Sunday, February 11, 2018 at 11:09:39 AM UTC+1, donoban wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Have you tried 'alt+F11' on XFCE? > > It's default hotkey in XFCE for fullscreen and you can modify it using > configuration editor. > -BEGIN PGP SIGNATURE- > > iQIzBAEBCAAdFiEEznLCgPSfWTT+LPrmFBMQ2OPtCKUFAlqAFlcACgkQFBMQ2OPt > CKXVORAAn/Y8CO2whwLHDAZhSr/1dPpk4aWvS6elpcEA8eO1ahfPOCLVrchbye0I > 4BN42XHfUEDfzzquiYu57nO0k6KoNWrvaoe4DlywaQ1ZC38mPEPpu0CGrknxGoLY > EWMiWHL3pMEflZPzUEJXFYAbgHEsWOyihaLkv8ofKHWxIhnMkTEmqwwxIiW0TCdo > hFuejDuSTWC4z+aBOwGHOs9y7wlzo4FknJpEL3FOA4A4qDQZmGHzuKjDqi09h1Ac > anuGOL8Y0eYt/fhJjeOhLsKpv1oaEDDs8pHHted3385U6OSdjlPeVHN4GgAOdNxu > GcsfMdPWBZgNUj9pZTIJlXOSTlqwpExU/ateBOKMbauATeZ7iGIXO6XsM3kT1Uvw > ss/AIEQ3qkXlcueOO6XsCpY+AiOmoNJ/p7CVn58TBBW42w/3x4XLXTwLOK8scnLn > /2Yw/chFWlzLsTozFZC84ARtUHo0Sb3z/FqeQocc+77QCxgNhYfm/WCig6crcCLV > LFF8n4pZY8mOPQEwEQWjoJADH1mcU0OcJA7cqQkYAms4w8xIcPH4/iIHN3x4FK5j > XqQTQ7QdBVCdAkP/ssntQS4lQzn8XKKK9Vlo1bk0oFKMPASJScN/O8ZzYi5EtJDW > BLrornMjWqf+5YD8TAd/OJfB42oY2bWUyWp384i8EBQc1dm/FVQ= > =7znw > -END PGP SIGNATURE- I didn't know alt+f11 could do that too, definitely good to know. I've already found a fix btw, I'm not sure if you read my post above or is just providing extra info. I apologize if I wrote a bit too much to make it a TL:DR, I understand if so. I'll put a TL:DR version below. (Must be scripted and keybinded to work something else than the terminal). wmctrl -r :ACTIVE: -b toggle,fullscreen or (Must be scripted together to chain both commands and keybinded to use on a focused window). xdotool key space+alt xdotool key f Both will do exactly what alt+space+f or alt+f11, but usefulness is that it can be keybinded to whichever keybind, in particular useful if not having a keyboard available or if seeking easier keybind choices, whatever ones needs may be. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f42dd524-27e7-4be6-bf98-67d60f4c83bb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Have you tried 'alt+F11' on XFCE? It's default hotkey in XFCE for fullscreen and you can modify it using configuration editor. -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEznLCgPSfWTT+LPrmFBMQ2OPtCKUFAlqAFlcACgkQFBMQ2OPt CKXVORAAn/Y8CO2whwLHDAZhSr/1dPpk4aWvS6elpcEA8eO1ahfPOCLVrchbye0I 4BN42XHfUEDfzzquiYu57nO0k6KoNWrvaoe4DlywaQ1ZC38mPEPpu0CGrknxGoLY EWMiWHL3pMEflZPzUEJXFYAbgHEsWOyihaLkv8ofKHWxIhnMkTEmqwwxIiW0TCdo hFuejDuSTWC4z+aBOwGHOs9y7wlzo4FknJpEL3FOA4A4qDQZmGHzuKjDqi09h1Ac anuGOL8Y0eYt/fhJjeOhLsKpv1oaEDDs8pHHted3385U6OSdjlPeVHN4GgAOdNxu GcsfMdPWBZgNUj9pZTIJlXOSTlqwpExU/ateBOKMbauATeZ7iGIXO6XsM3kT1Uvw ss/AIEQ3qkXlcueOO6XsCpY+AiOmoNJ/p7CVn58TBBW42w/3x4XLXTwLOK8scnLn /2Yw/chFWlzLsTozFZC84ARtUHo0Sb3z/FqeQocc+77QCxgNhYfm/WCig6crcCLV LFF8n4pZY8mOPQEwEQWjoJADH1mcU0OcJA7cqQkYAms4w8xIcPH4/iIHN3x4FK5j XqQTQ7QdBVCdAkP/ssntQS4lQzn8XKKK9Vlo1bk0oFKMPASJScN/O8ZzYi5EtJDW BLrornMjWqf+5YD8TAd/OJfB42oY2bWUyWp384i8EBQc1dm/FVQ= =7znw -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6d2a0bd6-dc7b-b18e-017f-def9c3e3f05b%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
On Sunday, February 11, 2018 at 9:51:56 AM UTC+1, Yuraeitha wrote: > On Sunday, February 11, 2018 at 9:18:16 AM UTC+1, Matteo wrote: > > > Does anyone know the 'alt+space+f'(fullscreen) command, or where to find > > > it? Or are there none available in /bin /usr/bin or similar? > > > > i think that you have to press that keys on the keyboard, is not a > > terminal command (in fact you can't find in /usr/bin) > > > > if you press alt+space bar a menu should pop up, the same menu can be > > seen by clicking in the title bar of the window, from there you can see > > maximize, minimize, close, and probably also fullscreen that can be > > quickly selected with f. > > > > note that qubes by default doesn't allow fullscreen, unless you enable > > it. also usually websites and programs have a easily accessible > > fullscreeen button (youtube). > > > > but i'm not sure about what you want to do. > > hope it helps > > In Qubes 4 I never had to enable it btw, oddly, it just works. > > I've solved the problem since posting, I was looking the entirely wrong place > all along, but new ideas for clues came along after I had posted. So I > deleted the topic since it had no views/posts at the time anyway and was > resolved. But it seems it wasn't deleted after all x) But thinking it over > again, perhaps this can help others looking to solve this too. > > I've found two methods to solve it, although the second is only half solved. > It was a bit like treasure hunting, here's the results. > > 1'st approach: > wmctrl -r :ACTIVE: -b toggle,fullscreen > If this is written in dom0 terminal, or any AppVM terminal, then the window > will go fullscreen. This is the one one may want if keybinding, and pressing > an active keybind while another window of choice is active. Write a .sh > script file in dom0, and save the command. Then it's just a matter of using > dom0 keybinding to activate it. Which gives much more flexibility to > alt+space+f, for example changing it to alt+f or numpad at the other side of > the room for remote pre-configured controls, i.e. using Qubes as a large > screen on a distance. It has many uses, just use ones own imagination to find > one. Also I believe this is the command Qubes uses internally when pressing > alt+space+f, but I did not manage to confirm that. Also another variant is to > use; > wmctrl -r :SELECT: -b toggle,fullscreen > This variant essentially turns ones mouse into a click to fullscreen > whichever window one may pick with the mouse. One can still keyboard alt+tab > between windows, without loosing the pointer to click, if the window is > buried under the other windows. But for keybinding purposes, the ACTIVE > variant is better suited than SELECT, at least for my own needs. > > 2'nd approach: > This is only half solving the problem, but simply writing in dom0, 'xdotool > key alt+space' will bring up the XFWM4 popup menu, though I did not find a > way to "chain it" to then select the last key, "f". But since I had the above > solution already, I did not venture deeper to solve it, it needs the last > step if anyone wants to use this approach. I'm personally content with the > 1st approach though, it solves everything for my own needs. > > > On the security side of things, then dom0 controlled fullscreen "should" be > fine, for as long it stays in the control of dom0, and not the VM. If the VM > can change the fullscreen, it's my understanding it can exploit the user in > social hacking. But if you control which VM has access to fullscreen, then > you can also limit this issue, and are less likely to fall victim. That's my > understanding, it may be I misunderstood the attack vector, but I think its > correctly understood. The reason full-screen is bad, as I've understood it, > is that social hacking can happen when you least expect it, so if you > manually enter fullscreen, for a VM with limited and locked-down purposes, > i.e. heavily firewalled with one of few purposes to the internet, then you're > much less likely to fall victim to screen social hacks. Do feel free to > correct me if I'm wrong about that, though, I don't think the security is any > different than using alt+space+f, since it's essentially the same thing, and > also controlled from dom0. Just got a new idea to solve the 2nd approach of the two to archive the same result (ironically after I posted the above, this seems to be a theme laltely >.<). But now both approaches works, whichever one prefers over the other. write a .sh script and put in; xdotool key space+alt xdotool key f That's it, it was surprisingly simple to fix, it works smoothly like wmctrl does too. If anyone wants to do this themselves, then remember to change executable and owner if you accidentally wrote it in sudo for root ownership of the file you put in the home folder. sudo chown your-username '/path-to-script.sh' chmod +x '/path-to-script.sh' Then keybind your script, but remember
Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
On Sunday, February 11, 2018 at 9:51:56 AM UTC+1, Yuraeitha wrote: > On Sunday, February 11, 2018 at 9:18:16 AM UTC+1, Matteo wrote: > > > Does anyone know the 'alt+space+f'(fullscreen) command, or where to find > > > it? Or are there none available in /bin /usr/bin or similar? > > > > i think that you have to press that keys on the keyboard, is not a > > terminal command (in fact you can't find in /usr/bin) > > > > if you press alt+space bar a menu should pop up, the same menu can be > > seen by clicking in the title bar of the window, from there you can see > > maximize, minimize, close, and probably also fullscreen that can be > > quickly selected with f. > > > > note that qubes by default doesn't allow fullscreen, unless you enable > > it. also usually websites and programs have a easily accessible > > fullscreeen button (youtube). > > > > but i'm not sure about what you want to do. > > hope it helps > > In Qubes 4 I never had to enable it btw, oddly, it just works. > > I've solved the problem since posting, I was looking the entirely wrong place > all along, but new ideas for clues came along after I had posted. So I > deleted the topic since it had no views/posts at the time anyway and was > resolved. But it seems it wasn't deleted after all x) But thinking it over > again, perhaps this can help others looking to solve this too. > > I've found two methods to solve it, although the second is only half solved. > It was a bit like treasure hunting, here's the results. > > 1'st approach: > wmctrl -r :ACTIVE: -b toggle,fullscreen > If this is written in dom0 terminal, or any AppVM terminal, then the window > will go fullscreen. This is the one one may want if keybinding, and pressing > an active keybind while another window of choice is active. Write a .sh > script file in dom0, and save the command. Then it's just a matter of using > dom0 keybinding to activate it. Which gives much more flexibility to > alt+space+f, for example changing it to alt+f or numpad at the other side of > the room for remote pre-configured controls, i.e. using Qubes as a large > screen on a distance. It has many uses, just use ones own imagination to find > one. Also I believe this is the command Qubes uses internally when pressing > alt+space+f, but I did not manage to confirm that. Also another variant is to > use; > wmctrl -r :SELECT: -b toggle,fullscreen > This variant essentially turns ones mouse into a click to fullscreen > whichever window one may pick with the mouse. One can still keyboard alt+tab > between windows, without loosing the pointer to click, if the window is > buried under the other windows. But for keybinding purposes, the ACTIVE > variant is better suited than SELECT, at least for my own needs. > > 2'nd approach: > This is only half solving the problem, but simply writing in dom0, 'xdotool > key alt+space' will bring up the XFWM4 popup menu, though I did not find a > way to "chain it" to then select the last key, "f". But since I had the above > solution already, I did not venture deeper to solve it, it needs the last > step if anyone wants to use this approach. I'm personally content with the > 1st approach though, it solves everything for my own needs. > > > On the security side of things, then dom0 controlled fullscreen "should" be > fine, for as long it stays in the control of dom0, and not the VM. If the VM > can change the fullscreen, it's my understanding it can exploit the user in > social hacking. But if you control which VM has access to fullscreen, then > you can also limit this issue, and are less likely to fall victim. That's my > understanding, it may be I misunderstood the attack vector, but I think its > correctly understood. The reason full-screen is bad, as I've understood it, > is that social hacking can happen when you least expect it, so if you > manually enter fullscreen, for a VM with limited and locked-down purposes, > i.e. heavily firewalled with one of few purposes to the internet, then you're > much less likely to fall victim to screen social hacks. Do feel free to > correct me if I'm wrong about that, though, I don't think the security is any > different than using alt+space+f, since it's essentially the same thing, and > also controlled from dom0. "or any AppVM terminal" scratch those 4 words out, I don't know why I wrote these, when its neither feasible nor secure to do it inside an AppVM <.< but it of course only works in dom0 terminal from a technical/practical perspective too. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/85a01587-3aff-4002-8db1-53ff290ff20a%40googlegroups.com. For more op
Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
On Sunday, February 11, 2018 at 9:18:16 AM UTC+1, Matteo wrote: > > Does anyone know the 'alt+space+f'(fullscreen) command, or where to find > > it? Or are there none available in /bin /usr/bin or similar? > > i think that you have to press that keys on the keyboard, is not a > terminal command (in fact you can't find in /usr/bin) > > if you press alt+space bar a menu should pop up, the same menu can be > seen by clicking in the title bar of the window, from there you can see > maximize, minimize, close, and probably also fullscreen that can be > quickly selected with f. > > note that qubes by default doesn't allow fullscreen, unless you enable > it. also usually websites and programs have a easily accessible > fullscreeen button (youtube). > > but i'm not sure about what you want to do. > hope it helps In Qubes 4 I never had to enable it btw, oddly, it just works. I've solved the problem since posting, I was looking the entirely wrong place all along, but new ideas for clues came along after I had posted. So I deleted the topic since it had no views/posts at the time anyway and was resolved. But it seems it wasn't deleted after all x) But thinking it over again, perhaps this can help others looking to solve this too. I've found two methods to solve it, although the second is only half solved. It was a bit like treasure hunting, here's the results. 1'st approach: wmctrl -r :ACTIVE: -b toggle,fullscreen If this is written in dom0 terminal, or any AppVM terminal, then the window will go fullscreen. This is the one one may want if keybinding, and pressing an active keybind while another window of choice is active. Write a .sh script file in dom0, and save the command. Then it's just a matter of using dom0 keybinding to activate it. Which gives much more flexibility to alt+space+f, for example changing it to alt+f or numpad at the other side of the room for remote pre-configured controls, i.e. using Qubes as a large screen on a distance. It has many uses, just use ones own imagination to find one. Also I believe this is the command Qubes uses internally when pressing alt+space+f, but I did not manage to confirm that. Also another variant is to use; wmctrl -r :SELECT: -b toggle,fullscreen This variant essentially turns ones mouse into a click to fullscreen whichever window one may pick with the mouse. One can still keyboard alt+tab between windows, without loosing the pointer to click, if the window is buried under the other windows. But for keybinding purposes, the ACTIVE variant is better suited than SELECT, at least for my own needs. 2'nd approach: This is only half solving the problem, but simply writing in dom0, 'xdotool key alt+space' will bring up the XFWM4 popup menu, though I did not find a way to "chain it" to then select the last key, "f". But since I had the above solution already, I did not venture deeper to solve it, it needs the last step if anyone wants to use this approach. I'm personally content with the 1st approach though, it solves everything for my own needs. On the security side of things, then dom0 controlled fullscreen "should" be fine, for as long it stays in the control of dom0, and not the VM. If the VM can change the fullscreen, it's my understanding it can exploit the user in social hacking. But if you control which VM has access to fullscreen, then you can also limit this issue, and are less likely to fall victim. That's my understanding, it may be I misunderstood the attack vector, but I think its correctly understood. The reason full-screen is bad, as I've understood it, is that social hacking can happen when you least expect it, so if you manually enter fullscreen, for a VM with limited and locked-down purposes, i.e. heavily firewalled with one of few purposes to the internet, then you're much less likely to fall victim to screen social hacks. Do feel free to correct me if I'm wrong about that, though, I don't think the security is any different than using alt+space+f, since it's essentially the same thing, and also controlled from dom0. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6e3d8c54-6940-4c1a-830a-807ad76c897c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Looking for the 'alt+space+f' (fullscreen) command - Purpose is to place a new keybind
> Does anyone know the 'alt+space+f'(fullscreen) command, or where to find it? > Or are there none available in /bin /usr/bin or similar? i think that you have to press that keys on the keyboard, is not a terminal command (in fact you can't find in /usr/bin) if you press alt+space bar a menu should pop up, the same menu can be seen by clicking in the title bar of the window, from there you can see maximize, minimize, close, and probably also fullscreen that can be quickly selected with f. note that qubes by default doesn't allow fullscreen, unless you enable it. also usually websites and programs have a easily accessible fullscreeen button (youtube). but i'm not sure about what you want to do. hope it helps -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/73852f83-babb-e8e8-afed-072ce052612d%40posteo.net. For more options, visit https://groups.google.com/d/optout.
