Comment by estebank - Hacker Neue

estebank Nov 26, 2025 parent

Where in the stack should it be enforced that my cute desktop clock doesn't pull a Copilot and takes a screenshot of the entire desktop every 15 seconds to send to a remote service?

pabs3 Nov 27, 2025

In Xorg and the WM, using the XACE extension.

https://www.x.org/archive/X11R7.5/doc/security/XACE-Spec.htm...

ottah Nov 26, 2025

A security in depth approach obviously. Run less, use vetted sources, when running suspect software execute in a properly sandbox context. Seriously what's the point of securing screenshot and key loggers if a malicious process has full access to the users home directory, auido stack, webcam and network?

If you can't trust the process don't run it. If you have to run it, isolate all of it.

Wayland gives you neither the freedom to safely tailor your security policy, nor the security guarantees to warrant its inflexibility.

atherton94027 Nov 26, 2025

If your system is already running malware, why wouldn't the malware use a privilege escalation exploit (which are relatively numerous on linux) to access your data rather than some X11 flaw which depends on their code getting started by the user?

array_key_first Nov 27, 2025

Because it's not an x11 "flaw" or exploit, it's just how X works. I also just don't buy the whole "well other stuff has exploits too" mentality.

I mean, yeah, it does, maybe. So why bother creating a password to a service if their database is probably running Linux anyway and the rdbms is probably compromised and yadda yadda yadda. It's the kind of argument you can make for anything.

Also no - privilege escalation is not "numerous" on Linux. It's very difficult to do in practice. It's only really a problem on systems built on old kernels which refuse to update. But those will always be insecure, just like running Windows 7 will be insecure.

atherton94027 Nov 27, 2025

A quick search for "linux local privilege escalation" in the CVE database (https://www.cve.org/CVERecord/SearchResults?query=linux+loca...) shows 25 results just for this year, so clearly these are very common.

So basically we have two issues here:

1. either focus on security even though these changes don't really improve the threat model

2. or allow disabled users and anyone who uses accessibility features to use GUIs

TiredOfLife Nov 27, 2025

Neither Copilot or Recall do or did this.

This item has no comments currently.

Preferences

Keyboard Shortcuts

Story Lists

Navigation

Miscellaneous