Security issues on Windows 10 lock screen #5269

Closed
nvaccessAuto opened this Issue Aug 6, 2015 · 2 comments

@nvaccessAuto

Reported by jteh on 2015-08-06 00:42
Unlike earlier versions of Windows, the Windows 10 lock screen no longer runs on the winlogon secure desktop. Instead, it runs on the default (normal) desktop, but you can't switch apps, bring other windows to the foreground, etc. Unfortunately, this doesn't stop users from exploring other apps with the review cursor, reading/manipulating the clipboard, messing with the user's NVDA configuration, etc. IMO, this is a pretty nasty security issue in Windows itself, but this is apparently what Microsoft have chosen to do.

We can't simply start a secure copy of NVDA, as that would involve restarting the user's normal copy (since this is on the default desktop), which would result in loss of state and potentially be a bit slow. Therefore, we're going to have to somehow disable relevant parts of NVDA.

I think this will basically consist of three parts:
1. Preventing the user from object navigating out of the lock screen;
2. Blocking all non-essential scripts;
3. If we want to allow the synth settings ring commands, creating a temporary configuration which is thrown away when the lock screen goes away.
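
A minimal model of parts 1 and 2 of the plan above, with configuration commands simply left off the allowlist. This is an added example, not NVDA's code or part of the original issue; every class, method and command name in it is hypothetical.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# Hypothetical model; none of these names are NVDA's.
# Commands still allowed while the lock screen is showing (default deny).
LOCK_SCREEN_ALLOWLIST = frozenset({"reportFocus", "stopSpeech"})


@dataclass(eq=False)
class UIObject:
    name: str
    parent: Optional["UIObject"] = None

    def is_within(self, root: "UIObject") -> bool:
        """True if self is root or one of its descendants."""
        node: Optional[UIObject] = self
        while node is not None:
            if node is root:
                return True
            node = node.parent
        return False


@dataclass
class ScreenReader:
    scripts: Dict[str, Callable[[], str]]
    navigator: Optional[UIObject] = None
    lock_root: Optional[UIObject] = None  # set only while the lock screen is up

    def run_script(self, name: str) -> Optional[str]:
        # Part 2: while locked, anything not explicitly allowlisted is dropped,
        # so clipboard and settings commands fail closed, as do unknown names.
        if self.lock_root is not None and name not in LOCK_SCREEN_ALLOWLIST:
            return None
        return self.scripts[name]()

    def move_navigator(self, target: UIObject) -> bool:
        # Part 1: while locked, the review position may only land on the lock
        # screen or its descendants; its parent and sibling apps are refused.
        if self.lock_root is not None and not target.is_within(self.lock_root):
            return False
        self.navigator = target
        return True


# Constructed sample tree: the lock screen and an editor share one desktop.
desktop = UIObject("desktop")
lock = UIObject("lock screen", desktop)
pin_field = UIObject("PIN field", lock)
document = UIObject("document", UIObject("editor", desktop))
```

The check is made on the destination object rather than on the navigation command, so moving to the parent of the lock screen root is refused the same way as jumping into another application.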

@nvaccessAuto

Comment 1 by James Teh <jamie@... on 2015-08-06 07:23
In [6795af8]:
```CommitTicketReference repository="" revision="6795af87c2afe8b174abcea600d88813d4a37165"
On the Windows 10 lock screen, it is no longer possible to read the clipboard, access running applications with the review cursor, change NVDA configuration, etc.

Also, NVDA no longer says "LockAppHostFrameWindow" just before the lock screen appears.
Fixes #5269.
```

Changes:
State: closed

@nvaccessAuto

Comment 2 by jteh on 2015-08-06 07:24
In the end, I didn't bother allowing the user to change configuration at all. This makes things simpler and this has limited usefulness anyway, since some configuration can't be accessed without using the GUI anyway.

@nvaccessAuto nvaccessAuto added this to the 2015.3 milestone Nov 10, 2015
@jcsteh jcsteh added a commit that referenced this issue Nov 23, 2015
6795af8