@fastfinge Very interesting read, and thanks for putting it together. In particular, the "on-device image description" section piqued my interest as I thought, and mentioned several times on Mastodon, that with such a poor output quality, it shouldn't have found its way into alphas in the first place.
@amir I agree. But I do think it was worth exploring. In the same way I wrote my proof of concept AI text to speech addons. Without actually making them, I wouldn't have fully understood what a bad idea that is, and why it's a bad idea. I would have loved to see NVDA develope a prototype on-device image description addon. Then maybe realize it wasn't good enough and scrap it. But of course, as an addon, someone else could pick up the work if they thought they could salvage it. Because it was in core, now it's removed, and nobody else can hack on it even if they want to.
@fastfinge Agreed. But I even faced difficulty, and soft criticism, communicating the poor output of the feature to NVAccess. I was under the impression that they wanted me, and others, not to expect much from a feature like that, while praising its privacy-focused, on-device aspects.
@amir Yes. And I experienced hard criticism for even discussing a security feature in public. This, too, is a problem. Is NVAccess under funding pressure? Are they struggling to get grants, and public criticism of them is endangering that? Repeat it with me, everyone: I'm probably missing context, so I'll just have to trust that NVAccess knows things I don't.
@pixelate@amir I mean, if I had found a way to create an HTML file that would cause NVDA to delete all of your files whenever you opened it, I would agree that security through obscurity is, in fact, the way to go. Disclose that privately and let NVAccess fix it. But I can't agree that discussions of the design of the entire security system can, or should, take place in private.
@fastfinge Honestly, I was also flabbergasted by their message and intolerance! After all, you were not exposing a security vulnerability or hole. You were talking about a feature being promoted as a security measure, while it might not achieve the promised goals.
@fastfinge@amir No you are welcome to criticise publically - where it is warranted. You came out yesterday, guns blazing with random thoughts which were completely wrong. We've never shied away from open discussion, but unfounded and completely wrong assertions don't help anyone.
@NVAccess@amir And the assumption that were wrong I and others had corrected long before you got involved. The rest you declined to speak to, other than to complain that the discussion was public.
@amir@fastfinge Not at all. You were clear with your criticism, and we appreciate that. We never said not to expect anything, just that an on-device solution for that is ALWAYS going to produce simpler results than a cloud based model. We tried it, we couldn't get satisfactory results, we put it on hold, and actually I believe someone is looking at picking it up (just because it wasn't an add-on doesn't mean someone else can't jump in and help) so we may yet get somewhere with it.
