

Ubuntu 11.04 Lets You 'Test Drive' Applications Without Installing - jagtesh
http://www.lifehacker.com.au/2011/03/ubuntu-11-04-lets-you-test-drive-applications-without-installing/

======
sedachv
Notice the QtNX client in the video - this is powered by
<http://en.wikipedia.org/wiki/NX_technology> which is a sort of proxy layer
for X11.

A lot of people hate on the fact that X is network transparent, but this just
shows why it's more important now than ever.

~~~
streptomycin
The new version of NX supports Windows and Mac servers, which don't rely on
X11 <http://www.nomachine.com/desktop-access.php>

~~~
sedachv
It looks like they just bolted on VNC - access to whole desktop only (no
individual apps), grabbing video, sending pixmaps. The X11 portion of NX
provides per-application remoting, and much better optimizations.

------
iuguy
Ok, so many years ago we used NX at work because it was a nice protocol that
let us run the GUI version of Nessus and a few other tools via Wine on our
(then) colo[1]. Anyway, we found that NX was as protectable as Citrix _.
Several months later we binned it and just VPN'd through the colo. I imagine
that unless things have improved from a security standpoint, Canonical's
images that they're using for this are going to get owned.

_ With the exception of one customer with whom we've worked with continuously
for 7 years, every single Citrix deployment we've ever looked at has been
exploitable to some extent.

[1] - Courtesy of the awesome <http://goscomb.net> \- they're not cheap but
damn they're good for UK connectivity.

------
nbpoole
Can I test-drive the Terminal on their remote system? :P

~~~
StavrosK
Why not? It's probably an EC2 instance they can reboot anyway, and you don't
get root.

~~~
nbpoole
Until there's a local root exploit. ;)

My point was simply that this feature carries with it some very large security
implications. I'm sure the people developing it are aware of that and will do
their best to mitigate any potential issues.

~~~
iuguy
Local root exploits are few and far between, unless you're running Android.

~~~
kragen
I wish. I have Ubuntu 10.10, released five months ago, and I already have had
to upgrade the kernel four times — because, I believe, of kernel
vulnerabilities, most of which I assume are local-root exploits.

~~~
iuguy
Sorry, I was being a bit sarcastic and for that I apologise. Picking Linux
kernel vulns is a bit like stealing candy from a baby at the moment due to the
way the driver model works. There was an awesome talk about it at dc4420[1] a
couple of months back and after some digging I pretty much lost the will to
live.

Linux Kernel exploits tend to 'return' into root, the vulnerabilities allow
them to execute in ring 0 (on x86) which gives them full direct access to the
hardware. Think trojaned firmware updates and that's the kind of capability
we're talking about, all because users can load and interact with drivers that
haven't been maintained for years.

------
samuel1604
It seems that the new buzz word in the apps ecosystem is to test-drive before
buying after amazon we have ubuntu now doing that (although not technically a
app-store)....

