• 1 Post
  • 5 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle
  • Just pilling on some concrete examples, awesome-gemini is definitely the best place to start looking. There are both converters for the gemtext format and gateways for the protocols.

    For format conversion tools, awesome-gemini already lists a handful of tools.

    From the gemini side there are some gateways for specific websites operated by various people

    • BBC news gemini://freeshell.de/news/bbc.gmi
    • The Guardian gemini://guardian.shit.cx/world/
    • Lots of others gemini://gemi.dev/cgi-bin/waffle.cgi

    These work pretty well for me. I think there were public gateways to open http pages from gemini, but I can’t recall one from the top of my head.

    Some of the gemini browsers support gemini proxies to access http(s) content. You can run it in your own machine. Duckling is the only one I’m familiar (but see the awesome list for more)

    Conversely, to access gemini pages from a web browser portal.mozz.us hosts a gateway (just place whatever gemini link you want in the box).

    One big privacy caveat of using gemini proxies for this is that while this may improve your privacy with regards to javascript/cookies it will reduced it because it makes your behaviour more identifiable from the point of view of the websites you visit (i.e. your proxy is clearly not a browser making it unusual).


  • Depends on what you mean by “secure”, being very loose with the definitions, we have

    • end to end confidentiality (i.e. only you and the intended destination can see the message contents)
    • privacy (only the destination knows i’m sending messages to them)
    • anonymity (no one can find out who you are, where you live, i.e. metadata/identity/etc)

    My personal preference is Simplex.

    Reasoning for a few:

    • Email: even if you use PGP to encrypt messages the server(s) in the delivery path have access to all metadata (sender, receiver, etc, etc). If no encryption is in use, they see everything. Encryption protocols in e-mail only protect the communication between client and server (or hop by hop for server to server)
    • XMPP: similar reasoning to email. i.e. the server knows what you send to who. I should note that XMPP has more options for confidentiality of message content (PGP, OMEMO, others). So I find it preferable to email - but architecturally not too different.
    • IRC: Again similar reasoning to email - even if your IRC server supports TLS, there is no end to end encryption to protect message contents. There were some solutions for message encryption/signing, but I’ve never seen them in the wild.
    • Signal: Good protocol (privacy, confidentiality, etc). Dependency on phone number is a privacy concern for me. I think there are 3rd party servers/apps without the use of phone numbers.
    • Simplex: Probably the strongest privacy protection you can find, but definitely not easy in terms of usability. The assumption is that we do not trust the intermediate server at all (and expose nothing to it), we just leave our encrypted messages there for the receiver to pick up later. It also does some funny stuff like padding messages with garbage.
    • Matrix: In theory it supports end to end encryption in various scenarios, but my experience with it has been so bad (UX, broken encrypted sessions) I only use it for public groups.

    Some more food for though though; these protocols support both group communication and 1-1 messaging - privacy expectations for these two are very different. For example I don’t care too much about confidentiality in a group chat if there are 3000 people in there. It might be more concerned with concealing my phone/name/metadata.

    In general I consider large group chats “public”, I can try to be anonymous, but have no other expectations. e.g. some people use some protocols over ToR because they do not trust the service (or even the destination) but they try to protect their anonymity.

    On a technical note: I don’t think there is any protocol that supports multi-device without some kind of vulnerability in the past. So I would temper my expectations if using these protocols across devices.

    I’m not familiar with the other ones that were mentioned in comments or in the spreadsheet.



  • So lets be clear - there is no way to prevent others from crawling your website if they really want to (AI or non AI).

    Sure you can put up a robots.txt or reject certain user agents (if you self host) to try and screen the most common crawlers. But as far as your hosting is concerned the crawler for AI is not too different from e.g. the crawler from google that takes piece of content to show on results. You can put a captcha or equivalent to screen non-humans, but this does not work that well and might also prevent search engines from finding your site (which i don’t know if you want?).

    I don’t have a solution for the AI problem, as for the “greed” problem, I think most of us poor folks do one of the following:

    • github pages (if you don’t like github then codeberg or one of the other software forges that host pages)
    • self host your own http server if its not too much of an hassle
    • (make backups, yes always backups)

    Now for the AI problem, there are no good solutions, but there are funny ones:

    • write stories that seem plausible but hold high jinx in there - if there ever was a good reason for being creative it is “I hope AI crawls my story and the night time news reports that the army is now using trained squirrels as paratroopers”
    • double speak - if it works for fictional fascist states it works for AI too - replace all uses of word/expression with another, your readers might be slightly confused but such is life
    • turn off your web site at certain times of the day, just show a message showing that it only works outside of US work hours or something

    I should point out that none of this will make you famous or raise your SEO rank in search results.

    PS: can you share your site, now i’m curious about the stories



  • I’m a bit of terminal nerd, so probably not the best person to talk about desktop. I don’t have many thoughts with regards to app development or layout for accessibility. What I really would like is for distros to be accessible from the ground up, even before the desktop is up.

    The best example of accessibility from the ground up I saw for linux was talking arch, an Arch Linux spin with speech. Sadly the website is gone, but we can find it in the web archive

    in particular there was an audio tutorial to help you install the live cd (you can still ear it in the archive):

    Here are a few resources, which are pretty dated but I wish they were the norm in any install:

    Now going into your points:

    How should a blind Desktop be structured?

    To be honest I don’t expect much here. As long as context/window switching signals you properly you are probably fine. I have not used gnome with orca in a long time, but this used to be ok. The problems begin with the apps, tabs and app internal structure.

    Are there any big dealbreakers like Wayland, TTS engines, specific applications e.g.?

    Lots.

    Some times your screen reader breaks and its nice to have a magic key that restarts the screen reader, or the entire desktop. Or you just swap into a virtual console running speakup/yasr and do it yourself :D

    TTS engines are probably ok. Some times people complain about the voices, but I think it is fine as long as it reliably works, does not hang, responds quickly.

    Specific applications are tricky. The default settings on a lot of apps wont work well by default, but that is not surprising.

    I do think that a lot of newer apps have two problems

    1. they are not configurable or scriptable at all, there is only one way to do things and no way to customize it. Opening tickets to patch each and every feature is not feasible.
    2. They frequently go through breaking release cycles that nuke old features, so you need to relearn all your tricks on the next major release and find new hacks

    I can give you two good-ish examples, both Vim and Mutt can work very well with a terminal screen reader, but it is a lot of work to configure:

    • with vim you need to disable all features that make the cursor jump around and draw stuff (like line numbers and the ruler)
    • with mutt every single string in the screen can be customized, so you even insert SSML to control speech and read email

    I think you can find similar examples in desktop apps too.

    What do you think would be the best base Desktop to build such a setup on?

    no idea to be honest. Gnome use to have support. I suppose other desktops that can be remote controlled could be changed to integrate speech (like i3 or sway).

    Would you think an immutable, out of the box Distro like “Fedora Silversound”, with everything included, the best tools, presets, easy setup e.g. is a good idea?

    I have never used Silversound. But the key thing for me is to be able to roll back forward to a working state.

    How privacy-friendly can a usable blind Desktop be?

    I think it should be fine. People with screens have things like those Laptop Screen Privacy Filter, people using audio have headphones. Depending on your machine you can setup the mixer so that audio never uses the external speaker.

    I don’t recall the details but you can also have some applications send audio to the external speaker while others use your headphones (provided they are a separate sound card, like usb/bluetooth headphones).

    Also, how would you like to call it? “A Talking Desktop”?

    Urgh, Shouting Linux.