Modern graphical user interfaces must be both extremely versatile and beautiful to be appealing for users. Current GUIs try to fulfil those requirements at the cost of extremely high complexity, which puts the privacy and security of the user at risk. The talk will introduce a new component-based GUI architecture that puts security in the front seat while aiming at highly customizable user experiences.
GUIs face the challenge to appeal to users with vastly different tastes. Visually, each user seems to have different preferences, which current-generation GUIs try to address with theming engines. But also conceptually, different groups of users prefer different concepts. For example, a window manager might support floating windows, tiled windows, tabbed windows, and virtual desktops. In order to be appealing to a large user base, it has to support as many of those concepts as possible. As another example, modern widget tool kits such as Qt5 try to accommodate all kinds of applications with a huge library of features. The richness of features, however, comes at a price, which is the overwhelming complexity of current-generation GUI systems. Large parts of the GUI are shared among graphical applications including both privacy-sensitive as well as potentially malicious programs. In the presence of malware, the complexity becomes a large attack surface. But how can this be avoided?
The talk will introduce a new architecture that applies microkernel construction principles to split the GUI into an arrangement of components such that the highly complex elements are stuffed away in sand boxes where they cannot do any harm. The security-critical parts are encapsulated into tiny components that do not even rely on a C runtime. Their ultra-low complexity and rigid interfaces mitigate the chance for attacks. At the same time, the architecture provides large degrees of freedom with respect to the virtual presentation and the window-layout management.
The key components and their relationship will be explained and demonstrated live during the talk.
Speakers: Norman Feske