No, it doesn't go places we "do not want it to go". What part of zero knowledge doesn't make sense? How precisely does a free, unlinkable, multi-vendor, open-source cryptographic attestation of recent humanity create something terrible?
It would behoove people to engage with the substance of attestation proposals. It's lazy to state that any verification scheme whatsoever is equivalent to a panopticon, dystopia as thought-terminating cliche.
We really do have the technology now to attest biographical details in such a way that whoever attests to a fact about you can't learn the use to which you put that attestation and in such a way that the person who verifies your attestation can see it's genuine without learning anything about you except that one bit of information you disclose.
And no, such a ZK scheme does not turn instantly into some megacorp extracting monopoly rents from some kind of internet participation toll booth. Why would this outcome be inevitable? We have plenty of examples of fair and open ecosystems. It's just lazy to assert right out of the gate that any attestation scheme is going to be captured.
So, please, can we stop matching every scheme whatsoever for verifying facts as actors as the East German villain in a cold war movie? We're talking about something totally different.
The ZK part isn't the problem. The "attestation of recent humanity" part is. Who attests? What happens when someone can't get attested?
You've been to the doctor recently, right? Given them your SSN? Every identity system ever built was going to be scoped || voluntary. None of them stayed that way.
Once you have the identity mechanism, "Oh it's zero knowledge! So let's use it for your age! Have you ever been convicted?" which leads to "mandated by employers" which leads to...
We've seen this goddamn movie before. Let's just skip it this time? Please?
The part where FAANG does usual Embrace, Extend, Extinguish, masses don't care/understand and we have yet another "sign in with... " that isn't open source nor zero-knowledge in practice and monetizes your every move. And probably at least one of the vendors has massive leak that shows half-assed or even flawed on purpose implementation.
This is literally what HTTP 402 is for -- there's a whole buncha work going on ... but please, please, please don't let Cloudflare become another bloody gatekeeper. Please.
You didn't 'give the spiders what they seem to want.' You exploited a naive ranking algorithm to inject garbage into search results that real people were trying to use. That you rationalized it at the time is human. That you're still rationalizing it decades later is something else.
All true, and yet: Windows accessibility actually works. I use a screen reader daily. Linux a11y is complete dogshit — AT-SPI2 is unreliable, Orca is barely maintained, Wayland broke what little existed.
I need something that actually works. When Linux goes off and decides it'll rewrite its working desktop stack and it's still, ten years later, not useable?
ADHD-Driven development might be fine if you can see your system. When you can't, being at the whims of some teenager chasing the new shiny is just frustrating.
> When Linux goes off and decides it'll rewrite its working desktop stack and it's still, ten years later, not useable?
In fairness it wasn't just the rewrite that was the problem, but it looks for all the world like there was a large faction in the Linux UI world around Wayland that believes accessibility is insecure and designed the new systems to make it impossible. It has been an interesting if unfortunate situation that seems to be slowly being fixed.
> but it looks for all the world like there was a large faction in the Linux UI world around Wayland that believes accessibility is insecure and designed the new systems to make it impossible
Agreed.
FWIW, accessibility is insecure, that is a fact, and it's also fine. The problem is that many security-minded people forget to ask the critical question: security for whom, and from what. There is no such thing as "security" in general. There is always a subject being secured from a threat.
With Wayland, like with most modern software development, the user ends up being the thing to secure from, and what is being protected are the interests of the vendor.
9front tells me otherwise. It's security model with namespaces and rfork it's far more tuned to modern times than the GNU/Linux or BSD one where even wth mitigations and the like a good crafted NES sound file (6502 code in the end, as C64 MOD files) could cause mayhem on some buffer overflow executing x86 code.
rio(1) windows under plan9/9front have their own namespace and OFC you can restrict these per windows making these kind of attacks futile.
How's the a11y story under Plan 9? I always thought of Plan 9 as being very forward thinking for its time but unfortunately stuck in the past in various ways, but are there screen readers and voice input and everything?
> [T]he security model on Unix (and Linux) is to trust your applications
If that were true, httpd (and all other system daemons) would be run as root and neither the 'nobody' user and group nor the various security-related X11 extensions would exist.
Anyone who has worked in this field for more than a few years (regardless of their era of entry) knows that nontrivial programs are faulty and can happen to or be induced to do things that are harmful in varying degrees to the operation of the computer that runs them.
macOS has some strengths and is certainly ahead of Linux in terms of a11y but my experience working in web accessibility, it seems most visually impaired individuals have a preference for windows, seemingly because it has the most mature set of accessibility/screen reader tools around largely because of how long windows has been around and how much of a requirement it is for enterprise environments.
You're acting as if Linux is a single entity that can just decide to improve this or the other. The phrase "Linux should do X" is as useful as "Society should do X". It's not useful unless you can state what needs to change specifically, or you're talking to the right people.
> When you can't, being at the whims of some teenager chasing the new shiny is just frustrating.
Since most development on linux-related projects is based on volunteering, perhaps you can volunteer and organize for your own 'whims'? Personally I would love it if someone like you would get off their ass and use your knowledge about screenreaders to improve things for everyone.
Question. In this new weird age of agentic everything. Does running your system from an agent TUI resolve much of the issues you’d otherwise have without a decent screen reader?
A fundraiser and/or financial grant to a foundation like gnome, or a distro that makes a11y a priority, is probably the best way to approach it. Without the financial investment, many contributors just aren't considering or even aware of issue.
The distributed best-effort approach works ok for some things, but is at a disadvantage for supporting holistic standards across independent apps.
I'm not completely sure I would call Apple the accessibility king. It's UI gets worse with each release. Modal dialogues with no keyboard options to make a choice in the window at times, etc.
Eh, no. My experience working in web accessibility, it seems most visually impaired individuals have a preference for windows, seemingly because it has the most mature set of accessibility/screen reader tools around largely because of how long windows has been around and how much of a requirement it is for enterprise environments.
As far as I know, accessibility has been built into macOS since the early days, and with great care. Which then propagated to application built for macOS, and later on, iOS. iOS is rather magnificent for (visually) impaired people.
In contrast, Windows has had its accessibility features bolted on, and the best ones are third-party which makes it even more bolted-on. And then you have twenty different frameworks to make Windows applications, all with varying (but usually mediocre) levels of accessibility support built in.
> Plain Claude, ask it to write a plan, review plan, then tell it to execute still works the best in my experience.
Working on an unspecified codebase of unknown size using unconfigured tooling with unstated goals found that less configuration worked better than more.
The SSA is one of the largest federal employers of blind people. "Karen" could easily be a blind woman on the other end of that call, also below the poverty line on a GS-nothing salary, who now has to deal with a fax machine (hopefully virtual!) she also can't see spitting out 512 pages and jamming. This guy is ... Something.
I'm blind. This guy is not fighting the system. He's being a jerk to a call center worker and writing fan fiction about her suffering in public. Not a good look.
How smooth are your experiences with the system? I've dealt with only one other government system like this and it was impenetrable, gave up after 6 months of calling, never receiving the benefit. I'm unsure how someone can experience a system that has no thought to their well-being and then _not_ find gratification in the small person winning.
Having worked in a similar field, providing historic documentation when it’s not necessary usually prolongs the process for the client. This is because the reviewer now has to sort through all these files to make sure new contradictory info isn’t lost in between.
Also, large firms will typically digitize directly into a document management system. It would be no more than 5-15 minutes at most for an experienced reviewer to flip through 500 PDF pages to find current supporting evidence of a medical disability.
"Prove your humanity/age/other properties" with this mechanism quickly goes places you do not want it to go.
reply