Send in your ideas. Deadline February 1, 2025
Grant
Theme fund: NGI0 PET
Period: 2020-02 — 2022-10
More projects like this
Operating Systems

KWin and Wayland input

Secure windowing system for KWin

This project is archived. Due to circumstances, the project as planned did not take place. This page is left as a placeholder, for transparency reasons and to perhaps inspire others to take up this work.

When you run remote applications across the internet, you typically need a display server. Wayland is the future windowing system on Unix, a communication protocol that specifies the communication between a display server and its clients One core goal in its design was to provide a safe and secure system protecting users data and privacy. The traditional windowing system X11 does not, which means that programmes can just spy on inputs and outputs of every other programme. Making a secure system that is still usable comes with challenges. When clients need to communicate, channels of communication must be carefully designed to provide it in a secure and reliable way. One of these channels is when one client provides a virtual keyboard or input methods support (for example for CJK languages) and another client consumes the input data. The project aims at implementing communication channels for that through Wayland protocol extensions in KWin and provide test clients as well as improving the used protocol extensions upstream.

Why does this actually matter to end users?

You are probably reading this text using a browser on your laptop or pc. Maybe you just got an email and switched to your inbox to check who it was from. Or received a chat message from a friend asking what is keeping you so long and when you will be going out for drinks. All of these channels and applications are served up to you in neat and slick windows, complete with useful buttons for you to push and clear indicators to know what does what. The software managing all of these graphical user interfaces for your applications is called a display server. When you type a few sentences with your keyboard to write an email or use your mouse to click on a link in your browser, the display server handles all the input and output and makes sure everything goes to the right place.

The software and protocol handling almost everything you type and click should be secure, privacy-friendly companions. This becomes even more important when you run applications over the internet for hundreds or thousands of people to use, where the display server will handle all of their (potentially sensitive and personal) input and output. Unfortunately, you cannot always be sure that your system keeps your input and output safe and protects you from applications that try to snoop in. This project will make the Wayland-protocol that communicates between the display server and applications on Linux and Unix-like operating systems more secure. Making such a fundamental part of a widely used operating system more privacy-aware and safe is an important step towards more trustworthy offline and online computing.

Logo NLnet: abstract logo of four people seen from above Logo NGI Zero: letterlogo shaped like a tag

This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.