Discussion
Loading...

Discussion

  • About
  • Code of conduct
  • Privacy
  • Users
  • Instances
  • About Bonfire
Asahi Lina (朝日リナ) // nullptr::live
@lina@vt.social  ·  activity timestamp last week

@esoteric_programmer

(Multiple posts because character limit)

Right, what I was getting at is that when I link to a stream/video, I'm usually already explaining what the video/stream is in the post text, and I'm just including the thumbnail for visual reasons (looks better than letting it auto embed a preview card from the link). So in that case I guess just using an alt text of "video thumbnail" is maybe enough so people know they aren't missing out on much? In this particular case the thumbnail just reads "I hacked macOS!" with a root shell and a "Whoooa" speech bubble, with me and Cyan on the left, so it's not really adding much information over the post text. It's the same thing with stream announcements, I always have some text going along with it that is mostly redundant with the image.

I was not expecting the emulator to crash so hard! It's actually a very simple HTML view. There's a few buttons along the top for operations, a main text window showing the exploit source, a table to the right listing every register and its value, and a two-element table under the text view listing the two virtual "micro sequence registers". Clicking the "Mode" button replaces the text view and two registers with two text columns, one with the source and the other with the firmware disassembly. The emulator itself is all text and layout, no graphics (though it does use color for highlighting and to convey changed values).

  • Copy link
  • Flag this post
  • Block
the esoteric programmer
@esoteric_programmer@social.stealthy.club replied  ·  activity timestamp last week

@lina yeah, it's ok to just use video thumbnail, I didn't expect the unlabeled image is all

  • Copy link
  • Flag this comment
  • Block
Asahi Lina (朝日リナ) // nullptr::live
@lina@vt.social replied  ·  activity timestamp last week

@esoteric_programmer The emulator itself is a giant blob of JS, but that shouldn't affect a screen reader. I'm surprised it went so poorly, I was just expecting it to not be very useful to actually use. The exploit source is loaded in its entirely and scrolled to the current line, but that's just a few hundred lines of code. I'd guessed the screen reader probably doesn't know where to start reading, but if that were all it'd had started with ' #include' and I'm sure you'd at least have known what it's doing. Meanwhile the assembly is just the current screenful of code (dynamically recomputed as it steps) so other than excessive context, it shouldn't have broken or overloaded anything.

It's really weird that it went *that* wrong. Maybe the syntax highlighting spans confused it? Or maybe reveal.js, the slides framework I use, is itself not accessible? I don't know... (The link has an anchor taking you to the last slide, but you can navigate to other slides with the arrow keys, in a sort 2D columns-of-slides pattern, space key to go to the next slide in logical order)

  • Copy link
  • Flag this comment
  • Block
the esoteric programmer
@esoteric_programmer@social.stealthy.club replied  ·  activity timestamp last week

@lina yeah, probably the moving around by itself bit is confusing it a lot, also maybe my computer isn't so great for running it, although it shouldn't require a huge amount of memory. Maybe use the wasm version in the future? perhaps that's better? I dk.
I wonder, do you have access to the orca screenreader on linux, nvda on windows, or maybe even voiceover? it's so funny when you hear it going boioioing yourself :p
also, dk why, but the registers table didn't look like a table to me. O yeah, I forgot to mention, the way most screenreaders work is caching the entire page upfront, or at least what's visible, because calling out to the accessibility API is expensive. Perhaps we were hitting some kind of cache bug? either way, kinda oof :p
No, I can't get to the first slide, it says something like challenge accepted, then section and application, so it entered something, then it starts repeating challenge accepted, then sometimes it begins saying how you do the exploit, then refreshes again, it's hilarious

  • Copy link
  • Flag this comment
  • Block
Asahi Lina (朝日リナ) // nullptr::live
@lina@vt.social replied  ·  activity timestamp last week

@esoteric_programmer But yeah, I expect that you'd have to build something bespoke to convey the information more efficiently for blind people. For example, it could let you step through the code, and on every step start reading out the next line of code, of asm, and listing out only changed register values, with shortcuts to move around and read out other parts. But it doesn't make sense to build out something like that for a one off presentation ^^;; (I rushed this two days before the stream and spent most of my time fighting with the emulator framework...).

The slides do have a video and GitHub link on the first slide though, does that work? If you can't even navigate to the first slide and get that, then there must be something really wrong with the reveal.js setup...

I can imagine how painful debugging and RE must be... a lot of the tooling I built and rely on to make things fast is based on visuals. Lots of color coding changed values, syntax highlighting different elements, comparing data by flipping between two tabs and seeing what changes, quickly scanning hex to notice patterns... all things you could design tooling around for blind users, but I don't see how you get around the bandwidth bottleneck making it much slower...

And yeah, stuff like Wine is the worst. It takes me forever to figure anything out with WINEDEBUG, often I have to mix it with strace and grep... I have no ideas there, I think it sucks no matter what senses you have ^^;;

  • Copy link
  • Flag this comment
  • Block
Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances
Bonfire social · 1.0.0-rc.3.5 no JS en
Automatic federation enabled
  • Explore
  • About
  • Members
  • Code of Conduct
Home
Login