Skip to content
loading...

A science fiction terminal emulator 🚀

likebrain profile image Ricardo Rivera github logo ・1 min read

GitSquared / edex-ui

A science fiction terminal emulator designed for large touchscreens that runs on all major OSs.


Logo


Download Linux & macOS Windows Dependencies Build system Source
Release Badge Build Status Build status Dependabot Status Known Vulnerabilities Known Vulnerabilities

Download 1.1.1: for Windows | for macOS | for Linux x32 | for Linux x64

eDEX-UI is a fullscreen desktop application resembling a sci-fi computer interface, heavily inspired from DEX-UI and the TRON Legacy movie effects. It runs the shell of your choice in a real terminal, and displays live information about your system. It was made to be used on large touchscreens but will work nicely on a regular desktop computer or perhaps a tablet PC or one of those funky 360° laptops with touchscreens.

I had no ideas for a name so i took DEX-UI and added a "e" for Electron. Deal with it.

(Official ArchLinux AUR package maintained by @JesusCrie)

Screenshots

Default screenshot

(neofetch on eDEX-UI 1.0 with the default "tron" theme & QWERTY keyboard)

Blade screenshot

(browsh showing the results of a DuckDuckGo image search on


Hey, I can not describe how cool that is 😎
I love this kind of projects :)

twitter logo DISCUSS (13)
Discussion
markdown guide
 

It was made to be used on large touchscreens

Really interesting. I think this is a space that could come a long way in the next few years. I'd love to experiment with this myself.

 

I think this is just about experiences and fun. The project is an evolution of github.com/seenaburns/dex-ui which does not offer rich features.

I like the role of „Science-Fiction Philisopie“ as inspiriation for Technology. Look at KI, Robots and so on... all this was „Science-Fiction“

 

Really, Ben? It will be exploited once - and you have XSS...buth with OS access as sweet bonus. I do not understand how ppl do not think about security of frameworks at the first place.

 

I'm not necessarily speaking about the concept of touch-screen-oriented dev tools.

Yes—Electron brings resource management and security concerns. I see it more as proof of concept in a way.

It has been actively exploited in security-oriented messaging apps like Signal Desktop. So it has a history of ab(using) this PoC. And I'm not really sure that most people who download random plugins with 0 history of security audits to their electron-based editors, have their environments sandboxed for the sake of potential incident.

 

I think I saw this on r/unixporn recently. It's really awesome looking!

 
 

People & devs should really get rid off Electron everywhere if possible. For the sake of security.

 

Hey, you can also say that about many others.
You should always weigh the risk before executing foreign code.
If you want to protect yourself 100% then better shut down your PC.

History teaches us that popular technologies are always the target of attacks. Whether Android, Windows, Outlook, GMail or something else.

Avoid software because of that, I think the wrong way.
It would be better to find a solution to handle these problems. A better update strategy for Electron can do a lot.

It currently only in 2018 about 40 code execution CVE's for Microsoft Office. But nobody says you should avoid it.

I do not see a difference in risk here, do you?

 

I do. Would you run arbitrary JS code in browser which is not sandboxed? Considering all the problems with infected JS/Node packages after recent events? There is no perfect security, but at least you can avoid common attack vectors.

You know, in this discussion, we should not fall into whataboutism. All SW which is not regularly & properly audited by security professionals/community is potentially dangerous. But Electron offers perfect attack vector by itself, so I have no reason to use it (even in sandboxed environment).

Ok, I think every software should run in something like a sandbox. But the edge of the sandbox does not have to be your computer. In an enterprise environment, you can easily deploy an electron application safely. Even without security professionals / community.

Yes, the electron exploits are easy to use.
I think it will be irrelevant to use electron in the future.
Electron has the same fate as Crosswalk and gets killed by the Chrome browser.

Until then, try to live as stable with electron as possible. I'm not sure which role Microsoft is playing here, but they also have an interest in electron. (VSCode, Microsoft Teams, etc ...)

But I think the problem is the WebApp.
If Telegram supports an XSS in Electron why not in Safari or Chrome?

You have to trust a vendor not only the technology.

As you pointed out in another thread, this discussion would be good to transfer somewhere else on this forum (maybe a security meta-topic)? I'll try to answer you as comprehensively as I can tomorrow, because have some job to do. Btw I do offensive security on regular basis, so I think I understand the issue of (not-only) Electron in different contexts. I do no want to argue with you about usability. Web will simply defeat native apps (mainly) because of the pain with creating native UI libraries for each ecosystem and so on...but I still do thing that in common context Electron is very insecure by itself.

Classic DEV Post from May 28 '18

Math: from hate to love

how I converted from a math hater to a math lover

Ricardo Rivera profile image
Software Developer