nicoo has quit [Remote host closed the connection]
nicoo has joined #spectrum
nicoo has quit [Remote host closed the connection]
nicoo has joined #spectrum
<pie_>
so....this seems like maybe kind of a misguided thing to want to do, but talonvoice.com/ is closed source, so im wondering if it would be possible to run something in relative isolation such that it has wayland input
<pie_>
i guess its the typical wayland accessibility tools security problem and ive no idea about the state of that
<pie_>
yes it could communicate over a sidechannel, but it might still be good to put it in a vm and at least prevent its network access or something?
<qyliss>
pie_: hmm, interesting.
<qyliss>
It depends on how it works with Wayland I think
<pie_>
i dont know if it even does
<pie_>
it probably just uses x11 right now
<qyliss>
Does it even support Wayland? It would surprise me if a closed-source Mac-first program bothered.
<pie_>
i dont think so
<qyliss>
But if we assume it did...
<pie_>
i mainly just linked it for illustrative purposes
<pie_>
right <qyliss> But if we assume it did...
<qyliss>
I think you could probably get reasonable security out of it, but it would depend on how it communicated with the compositor.
<qyliss>
I don't really understand exactly what this does
<qyliss>
I'm guessing it wants to be able to type and move windows around and stuff?
<IdleBot_85f8451c>
If you use it for its full design goals, it by definition needs so much control as to almost make point moot.
<IdleBot_85f8451c>
I guess one could use it in the style of It's all text — grab text content, edit it inside the isolated VM, push it back. Then you just need a socket with text-only flow…
<qyliss>
Yeah, the design of this is to be a program that sits between you and your computer and proxies everything
<qyliss>
So there's not really any way you can secure that by definition
<qyliss>
But you might want only some reasonable subset of its functionality
<puck>
i think accessibility in linux is usually done via something like AT-SPI, which is .. d-bus?
<puck>
it'd be reasonable to run, say, orca or something inside a VM and only have it access certain other containers
<qyliss>
If you want/need to use a tool like this, though, you probably need it to access all security domains to be useful?
<puck>
yeah, but it itself could be reasonably contained
<qyliss>
I suppose if it's a nice-to-have for you rather than a neccessity, you could use it only with low-security domains.
<pie_>
right <IdleBot_85f8451c> If you use it for its full design goals, it by definition needs so much control as to almost make point moot.
<puck>
apparently wayland still has some bugs with at-spi, since the button locations are now only relative to the window itself
<puck>
> Also, just like input methods, the a11y bus sends all input to the bus, and allows clients to inject input events into each other.
<pie_>
(sidenote, i also like isolation for general organization and reliability purposes)
<pie_>
(ie nix as usual)
cole-h has joined #spectrum
<edrex>
Is there a glossary of user interface terms for Spectrum? Borrow from Qubes? Too early to talk about UI? What do you call a collection of windows sharing a VM? just a VM?
<edrex>
Preface to:
<edrex>
Is freeze/restore of VMs a primary design goal? I'm interested in security, but more interested in the ability to segment my computing environment by context and rapidly switch between, and I want to make sure I'm lurking in the right room 🥧
<edrex>
not sure where the 🥧 came from ;)
<IdleBot_85f8451c>
I could imagine a situation where one needs voice entry for medium-to-long texts, but the push-initial-state/edit/pull-edited-state workflow with network-isolated voice-controllable editor is good enough. And if it is one editor VM per workflow with only audio input access + voice socket, then it might not have actual exfiltration threats
<IdleBot_85f8451c>
This is probably an RSI or similar «I can type 1 key per 2 seconds for 1 minute without strain, but prefer to take long breaks for hands» scenario
amanjeev has quit [Changing host]
amanjeev has joined #spectrum
cript0nauta has quit [Ping timeout: 246 seconds]
cript0nauta has joined #spectrum
adisbladi has joined #spectrum
adisbladis has quit [*.net *.split]
Profpatsch has quit [*.net *.split]
Madars has quit [*.net *.split]
Profpatsch has joined #spectrum
Madars has joined #spectrum
<edrex>
pie_: it might use a virtual libinput device to inject events. That's a useland abstraction supported by x11 as well as wayland compositors. that's a pretty good way to do input accessibility. also i'm interested in similar stuff, having a paralyzed engineer friend who uses voice control and those tobii eye trackers whom I'm trying to nudge back towards linux (he used gentoo before he lost mobility)
<pie_>
edrex: id say "neat" but i cant think of a way to say that without being super awkward about it
<pie_>
so i guess ill just feel awkward on the side
<pie_>
definitely puts some things in perspective doesnt it
<pie_>
oh just saw this, yessssssss <edrex> Is freeze/restore of VMs a primary design goal? I'm interested in security, but more interested in the ability to segment my computing environment by context and rapidly switch between, and I want to make sure I'm lurking in the right room 🥧
<pie_>
i want this
<pie_>
tfw have to freeze vms because freezing processes is extremely awkward