What does HackerNews think of xsecurelock?

xsecurelock[https://github.com/google/xsecurelock] has a few variants on this.

xscreensaver + light-locker should be okay, there is no virtual keyboard.

There is also xsecurelock [1] by Google.

[1] https://github.com/google/xsecurelock

I'm surprised he doesn't mention XSecureLock. Its entire focus is on preventing issues like this with modularity and redundancy.

https://github.com/google/xsecurelock

> that will reload it unless XSS exits with code 0 or something

Sort of what https://github.com/google/xsecurelock recommends doing.

Also, xsecurelock doesn't run the input and PAM auth in the same process as the lock, making input bugs (https://news.ycombinator.com/item?id=21224179) harmless as well.

Linux screen lockers are somewhat notorious for security-ish bugs like that. There's a project called XSecureLock that aims to address some of those, although I'm not sure if it fixes (or can fix) the restore-ram type bug you detailed.

https://github.com/google/xsecurelock

Yeah, I tried to get xsecurelock working with LXQt and systemd. What a mess. Eventually I had to just give up on it and switch back to xscreensaver-lock.

I posted a thread asking for advice and did get responses, but I haven't worked up the resolve to go back and try to get it working again. Last I checked, people were just suggesting I try something else, which kind of misses the point of the activity to uses the most secure lock screen that seemed to be available.

I appreciated the help, it just seems like the whole issue should be something provided by a systemd utility that you specify your lock screen for in a config file. I know people hate on it, but systemd really does tend to make it easier if you just kind of want your system fundamentals to stay in the background and just work rather than having to constantly meddle with them.

It's a point of pride to me that I've kept my Linux system going for so long (it's outlived one Windows and two Mac laptops) but it does feel like there's often a very myopic design to a lot of applications. That is, the author often expects you to be willing to context switch out of whatever you were doing for a few hours to learn their software to use it, and doesn't feel like there's any usability problem with the state of affairs. In the case of a lock screen, this was turning into multiple days.

I can only imagine that if things were simpler, it would make it easier to involve more people, bring them on board, and/or just to get stuff done.

Anyway - enough soapboxing.

https://github.com/google/xsecurelock

I generally use videos as a screensaver, it allows me to have pretty cool screensavers fast. I use xsecurelock [0] with the saver_mplayer backend, which means that when I lock the screen, xsecurelock runs the videos in my ~/Videos directory on repeat.

I couple that with something like the Iron Man schematics videos made by Territory Studio [1] and I've got myself a pretty rad looking screensaver (with minimal effort).

[0] https://github.com/google/xsecurelock

[1] https://www.behance.net/gallery/26009421/AVENGERS-Age-of-Ult...