User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
Admin
completely blind computer geek, lover of science fiction and fantasy (especially LitRPG). I work in accessibility, but my opinions are my own, not that of my employer. Fandoms: Harry Potter, Discworld, My Little Pony: Friendship is Magic, Buffy, Dead Like Me, Glee, and I'll read fanfic of pretty much anything that crosses over with one of those.
keyoxide: aspe:keyoxide.org:PFAQDLXSBNO7MZRNPUMWWKQ7TQ
Location Ottawa
Birthday 1987-12-20
Pronouns he/him (EN)
xmpp fastfinge@im.interfree.ca
keyoxide aspe:keyoxide.org:PFAQDLXSBNO7MZRNPUMWWKQ7TQ
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@NVAccess @amir In an addon perhaps. Nv speech player was tested that wway. It didn’t work and was dropped. Someone else picked it up, and it lives on to this day.
1
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@NVAccess @cachondo So anyone with any questions at all should ask directly and in private? That doesn’t scale. The fact you can’t point anyone to the public places where these answers can be found is even worse.
2
0
2
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@NVAccess @MostlyBlindGamer This is, to be blunt, not true. You corrected assumptions that my post was edited to correct hours before you got involved. The rest of the thread is you complaining that the design of security systems should be conducted completely behind closed doors. I am doing my best to believe you are conducting this discussion in good faith. But I’m starting to struggle. As you are the nv access official account, it’s starting to look like nvaccess just doesn’t want any public discussion or criticism of its design choices.
0
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@fireborn @FreakyFwoof I mean, based on the number of times my elderly family members get called by a nice man at "The Department of The Microsoft Windows", I could see potentially making that argument. I'm not sure I would, but...like...if you assigned it to me in debate club, I could defend it vigorously.
0
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@dangero I don’t entirely disagree with you. But that begs the question: what is the smallest atomic screen reader core? No braille support, obviously. No synthesizer built in, of course. MSAA and aria and all the other accessibility APIs should be addons. Uh…what’s left? Soon you just end up with an addon manager that makes so few assumptions it does nothing at all. Sounds like just telling someone to download Python and build a screen reader from pip packages. My point is it’s possible to go too far in either direction. But where the line is requires intentionality. It should be designed and decided, not just evolved.
0
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@pixelate @amir I mean, if I had found a way to create an HTML file that would cause NVDA to delete all of your files whenever you opened it, I would agree that security through obscurity is, in fact, the way to go. Disclose that privately and let NVAccess fix it. But I can't agree that discussions of the design of the entire security system can, or should, take place in private.
0
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@amir @FreakyFwoof And the idea that "We've never done it that way, because we don't do that, so it can't be done." is another alarming sign of shallow decision making. Also, NVDA has never moved an addon into core. So they're already doing things they've never done before.
0
0
1
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@amir Yes. And I experienced hard criticism for even discussing a security feature in public. This, too, is a problem. Is NVAccess under funding pressure? Are they struggling to get grants, and public criticism of them is endangering that? Repeat it with me, everyone: I'm probably missing context, so I'll just have to trust that NVAccess knows things I don't.
3
0
2
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@amir @FreakyFwoof Could NVDA have taken over maintaining the addon, but not have made it part of core? That way, it could be updated separately from NVDA. Maybe that would have made maintaining it harder somehow? I don't know. To repeat myself again: "I'm probably missing context, so I'll just have to trust that NVAccess knows things I don't." That phrase is doing far too much work, I think.
1
0
1
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@amir I agree. But I do think it was worth exploring. In the same way I wrote my proof of concept AI text to speech addons. Without actually making them, I wouldn't have fully understood what a bad idea that is, and why it's a bad idea. I would have loved to see NVDA develope a prototype on-device image description addon. Then maybe realize it wasn't good enough and scrap it. But of course, as an addon, someone else could pick up the work if they thought they could salvage it. Because it was in core, now it's removed, and nobody else can hack on it even if they want to.
1
1
1
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@FreakyFwoof @miki Right, but I am the one who decides if it gets enabled or not. Once NVDA is installed, the corporate security people have no control over that. But NVDA does have a corporate mode that disables addons.
2
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@FreakyFwoof @miki @ednun_p You could, in theory, run your NVDA Remote server on any port you want. I don't know anyone who does. But you could.
1
0
1
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@miki @FreakyFwoof So wouldn't having it in core be better, in that case? That way remote access still works without employees having to install addons. Or would it be worse, because remote access now can't be disabled? I don't know enough about the corporate environment to know either way. But I'm starting to wonder if NVAccess does, either. This is my entire point: these decisions are hard, and require deep thought and deep study, both to make the best possible decision (there are no perfect decisions) and to understand how you got there.
1
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@FreakyFwoof @miki The more remote connections a screen reader makes, and the more possibilities it provides for an outsider to take control of a corporate machine, the harder it is to get corporate security people to let you install it. Jaws tandem had to solve the same problem, though.
1
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@miki @FreakyFwoof Yes, this is another factor. But once again: jaws tandem is built in. Why is NVDA remote different? Again, I'm not sure what I think here. But I do know that the question is complicated.
0
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@fireborn @FreakyFwoof I'm not sure I disagree with you. But to play devil's advocate, should a user who isn't technical enough to install an addon have a feature built into their screen reader that can allow another user to take full control of their machine? They could easily be tricked into giving control to someone they shouldn't.
1
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@VE3RWJ No worries! I wish I knew what was up on your machine. You're the only one with these problems LOL
0
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@FreakyFwoof I completely agree that it's required. But does that mean it should be in core? I dunno. Like I say, reasonable people can disagree. But I notice that Apple has started moving apps (apple sports, apple invites, etc) out of the main OS so they can maintain and update them seperatly.
3
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
@VE3RWJ I'm not sure what's up on your machine. I just checked:
stuff.interfree.ca resolves to 207.90.194.199

The certificate should be trusted by all major web browsers (all the correct intermediate certificates are installed).

The certificate will expire in 85 days.

The hostname (stuff.interfree.ca) is correctly listed in the certificate.
Common name: *.interfree.ca
SANs: .interfree.ca, .rblind.com, interfree.ca, rblind.com
Valid from May 15, 2026 to August 13, 2026
Serial Number: 06a09afa07f5130433af0509623757306f2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: R13

Common name: R13
Organization: Let's Encrypt
Location: US
Valid from March 12, 2024 to March 12, 2027
Serial Number: 5a00f212d8d4b480f3924157ea298305
Signature Algorithm: sha256WithRSAEncryption
Issuer: ISRG Root X1
www.sslshopper.com/ssl-checker.html#hostname=stuff.interfree.ca
2
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
1mo
NVAccess and the slow Erosion of trust: I still believe that NVDA is the best available screen reader, and I still donate monthly. These are just a chronicle of decisions that have made me go... Huh. What? stuff.interfree.ca/2026/05/20/nvaccess-and-the-slow-erosion-of-trust.html
12
15
9
0