On Fri, Dec 23, 2016 at 11:18 AM, Jorge Paez <[email protected]> wrote: > See, I’m totally blind, so in order to be able to use the operating system, I > need screen reading software. > And I thought it would be awesome if we could develop something like that for > Qubes OS.
This raises the very interesting question of how one can indicate which domain's contents are being read in a trustworthy manner. This is done in a visual way by the colored and labeled window decorations, combined with trusted dom0 window manager actions to determine if something is truly a window or just a fake one drawn within a less-trusted window. The reason this is secure fundamentally relies on the fact that there is something a legitimate window can do that a fake window can not: namely appear as a distinct window in dom0 window management actions. How this could translate to screen reading is an interesting question. Would there have to be some "trusted sound" followed by reading the name of the domain that the following read contents belong to? A sound which somehow would need to be filtered out by a trusted filter such that untrusted domains could not produce it? Such in-band signaling seems fragile and doomed to failure. The question, then, is what would be an appropriate out-of-band accessible signaling mechanism to identify (in a trusted manner) which domain you are interacting with? -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/CABQWM_B4GBKrdnL2M%3DcHbPWjSP4xc%2BvuHA9x9C5FGzJoBKBBCw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
