Santiago Zarate changed bug 1219019
What Removed Added
CC   santiago.zarate@suse.com

Comment # 1 on bug 1219019 from Santiago Zarate 
Out of curiosity, how are you installing Nitrokey app? 

I was having trouble even starting it some time ago -
https://github.com/Nitrokey/nitrokey-app2/issues/67

(In reply to Stakanov Schufter from comment #0)
> Nitrokey app is a 35d party software provided by the producer Nitrokey. 
> Its function should be as follows:
> app is resident in the tray
> insertion of the key triggers app to give notice "key connected"
> once you unlock the secure password and/or an TOTP key, this is temporarily
> copied into the clipboard, hence you can paste it into the respective
> application. 
> 
> Hence the core function of the app is, to provide the TOTP or password to
> the clipboard and make it available. 
> 
> Now under X-server sessions this works flawlessly, but to my dismay I
> discovered that it is broken under Wayland. While the generation of the
> TOTP/OTP and the availability of the passwords are given in Wayland, there
> seems to be no way to have them transferred to the clipboard, which remains
> blanc and hence the functionality is broken. I signed this as major because
> it breaks the function of the app itself and there is a potential damage to
> the user. Imagine you are in the middle of e.g. buying a ticket / time
> limited offer and you have to unlock the catch by payment now. Unfortunately
> you are under Wayland, so you will find out that e.g. you cannot pay. This I
> find it to be a major issue as it can cause financial loss to the user.
> Because in order to work around you have to logout the session and login the
> session as X, but now your offer/ticket etc is gone. (A lot of users I
> suppose use Wayland as default on laptops now).
> 
> A further danger I see with this is, that we are talking of shifting to
> Wayland as default and that X-server is somewhat deprecated now. So a
> security conscious user may well find himself sitting on the fence to choose
> between using less safe X doing business, not to speak of maybe soon, not
> being able to use the key at all, because no X-session is available any
> more(although this is probably still to come in future editions of TW
> but...better to fix it as soon as possible). 
> 
> Steps to follow: 
> wayland KDE Plasma session with the app2
> insert key
> unlock password
> tell to copy to clipboard
> clipboard remains blanc 
> 
> counter proof: log into the X-session version and it works.

You are receiving this mail because: