Hello, I'm curious if anyone has tried using any portable eternal laptop monitors in Qubes, like the DisplayLink-powered USB ones?
Some examples of the kind of monitors I'm talking about: - ASUS MB169B+ -- https://www.asus.com/uk/Monitors/MB169BPlus/ - ASUS ZenScreen MB16AC -- https://www.asus.com/us/Monitors/MB16AC/ - AOC E1659FWU -- http://us.aoc.com/en/products/e1659fwu They seem appealing to me because it seems they can get power and signal from a single USB port, and be easily thrown in a laptop bag. These all seem to be driven by DisplayLink [1], which seems to have at least some WIP linux support. Of course, having your *output* devices also attached via your ideally-untrusted USB controller opens up a whole new world of possibilities not previously reasoned about in my threat modeling, especially on laptops where the input devices are rather unfortunately internally attached via only the same single USB controller, but it would definitely be an interesting possibility to explore regardless! Has anyone tried such devices? Anything interesting to report with respect to Qubes support, or even just Linux support generally? There would of course be lots of details to figure out, but I would ultimately be interested in passing through such a device to a only-partially-trusted USB/GUI VM which could only view/render a subset of my graphics, thus allowing me to benefit from the extra screen real-estate for non-sensitive work while still trying to ensure that I could not accidentally allow a malicious monitor to e.g. screen-scrape my vault VMs, as well as isolate dom0 from exploits in the USB/graphics stack. There is at least some communication from a display back to a host [2][3] (and almost certainly more that I am unaware of), and I bet there are some interesting and unexplored potential attack vectors for a malicious display trying to compromise an attached host. Regards, Jean-Philippe [1]: https://en.wikipedia.org/wiki/DisplayLink [2]: https://en.wikipedia.org/wiki/Extended_Display_Identification_Data [3]: https://en.wikipedia.org/wiki/Display_Data_Channel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CABQWM_CLNXojy%3DYu3iPOqwqanBhsrABu_Z3Vnghj%3DwPi2eg3KA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.