On Mon, Nov 7, 2016 at 2:02 PM, Grzesiek Chodzicki <grzegorz.chodzi...@gmail.com> wrote: > In order to capture the whole screen such tool would need to run in dom0 > which is really, really not a good idea.
I think it is important to understand the actual risks involved, rather than just saying something is "really, really not a good idea". The design of qubes allows things of arbitrary complexity to exist and operate in dom0, so long as they do not handle untrusted inputs, and the tool itself is not actively malicious against qubes. In this case, the only untrusted inputs to a screen-recording tool should be only the framebuffer that it is recording. In this case, for an attacker to be able to violate the qubes security model, they would need to find an exploit in the video compression codec, and trigger that from the thing you are recording. For many, this may be an acceptably unlikely risk, particularly if the thing you are recording is relatively trusted already. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CABQWM_BZcgWgbVaN8_ic0Z%2B0zKWZyFTJoZ%2B2fVqJ235sbbG7VQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
