Re: Firefox 57 etc


Gene
 

People may want simpler design but that doesn't mean they want to go back to the days of almost static web pages and to the days when web sites didn't have embedded programsa that people use on various sites. 
 
Gene

----- Original Message -----
Sent: Monday, November 06, 2017 3:24 AM
Subject: Re: [nvda] Firefox 57 etc

I partly agree, but there is also a push to try to get web developers to
make sites accessible while they still can use newer ways of working for the
sighted. Modern coding after all allows one to read the details of the
browser in use by the  visitor and its not beyond the wit of any developer
to be adaptive. Pandering to every little change will start to unravel the
standards that guide development.
 I am already finding sighted friends telling me we no long want bells a
whistles on web sites, we want something fast and easy to use, why do they
keep on redesigning what has already proved to work.
 The new lamps for old thing was a war of getting folks attention in those
halcyon days of the start of the web, but now its seen as a tool and not
such a showpiece of how clever the site builder is, or should be.
 Brian

bglists@...
Sent via blueyonder.
Please address personal email to:-
briang1@..., putting 'Brian Gaff'
in the display name field.
----- Original Message -----
From: "Gene" <gsasner@...>
To: <nvda@nvda.groups.io>
Sent: Sunday, November 05, 2017 1:58 PM
Subject: Re: [nvda] Firefox 57 etc


Exploits are only one reason these changes are being made.  Wasn't it to
this list that an article was sent yesterday from a site that specializes in
accessibility issues explaining why old methods must be replaced by newer
ones?  As sites become increasingly interactive, the old methods are
increasingly inadequate.  I just remembered the name of the site.  It's
Marcos Accessibility blog.  (spelling))  Evidently, these changes in
accessibility can't be just completely implemented in new versions of
Firefox but are under development.  We cannot assume that they are being
implemented as they are for lack of prior planning.  The article Implies
that their implementation is in some way, part of their development.  We see
constant examples of programs becoming inaccessible or less accessible in
new versions.
We see constant examples of accessibility being added after a program is
released rather than being developed with the program. That doesn't mean
that we should assume a reflexive attitude that every such seeming
occurrence is one.  This case may be an exception that people will be very
glad of as things develop.

In addition, people can experiment with new versions of Firefox and use the
ESR version on the same machine without losing access to either whenever
they wish.  Use the portable versions of both or the installed version of
one and the portable version of the other.

Gene
----- Original Message -----

From: Brian's Mail list account via Groups.Io
Sent: Sunday, November 05, 2017 2:55 AM
To: nvda@nvda.groups.io
Subject: Re: [nvda] Firefox 57 etc


All very well, but you forget all the  masses of exploits used in other
software. I'm also saying this, if somebody said that this' ere screen
dis[play is a way in to Firefox lets make it invisible then it would not be
changed to stop the exploit. That is the thrust I'm going for.
 Unfortunately it is  a known fact that any code will have ways to get in
and exploit it. Everything man or woman does has an up side and a down side
as there are always crooks around.
 However these issues have been around for years and years and nobody did
sod all about it, till recently, and now its a mess because they did not
actually think about it they simply did a fix and we have to take the left
overs till they fix it for us.

Lets hope that checkbox does end up unchecked in the release version as I
could not even find it so how con one alter it, I know! Hack the registry!
 grin.
 Brian

bglists@...
Sent via blueyonder.
Please address personal email to:-
briang1@..., putting 'Brian Gaff'
in the display name field.
----- Original Message -----
From: "John Isige" <gwynn@...>
To: <nvda@nvda.groups.io>
Sent: Sunday, November 05, 2017 1:57 AM
Subject: Re: [nvda] Firefox 57 etc


Ah. Rhetoric. Like this.


http://blog.trendmicro.com/mozilla-firefox-exploit-enlists-pcs-advanced-botnet/


And this:


https://www.welivesecurity.com/2015/08/11/firefox-under-fire-anatomy-of-latest-0-day-attack/


The reason you're not hacked any more than other people is because
Firefox updates for security, i.e. the very thing people are complaining
about now because it's updating in a way that happens to mess with
screen readers. It's true that, so far as I know, neither of these
injection attacks are the kind of code injection screen readers do.
That's because screen readers are local though and not using something
like JavaScript, but that's about the only difference. And you should
particularly note from the second link that the particular code
injection attack being discussed there allows reading and writing of
local files as well as uploading them. Have a credit card number written
down somewhere for easy access? Get infected by that thing and it could
very well be uploaded to a site for somebody else to try and use.


My point is, injection attacks happen, they're bad, and this is another
way to try and stop them. There's a real purpose to this change, whether
or not anybody happens to like or agree with it. It's not just rhetoric,
there are real examples of it, as I've just demonstrated. There's also a
way for screen readers to deal with browsers that doesn't involve code
injection, I believe this is how NVDA deals with Microsoft Edge because
Edge doesn't allow code injection. That's also part of why everybody's
still working on Edge accessibility, sure, that way doesn't materialize
overnight, it has to be implemented and I'm sure issues have to be
worked out with it, e.g. if a browser needs to expose certain things it
doesn't currently.


I get that the change Firefox is making isn't ideal for us, I'm just
saying, there's a reason for it, and there are a lot of alternatives to
using the new Firefox, including an older accessible version of Firefox
if you don't feel like trying to change browsers and use Chrome or Edge
until better accessibility for the new version of Firefox is worked out.
There's no reason to assume that the sky is falling and that nothing
will ever get better because clearly, Firefox is going down the road of
hating blind people and ignoring them entirely and thus we're all crewed.


On 11/4/2017 19:13, Ron Canazzi wrote:
> Hi John,
>
>
> Besides all that rhetoric, Mozilla has set the 'disable all
> accessibility features' item to unchecked by default.  As long as you
> don't turn it on by accident, there shouldn't be any problem. I don't
> know what the chance of you getting infected or hacked by something is
> when this item is turned off, but I would imagine it isn't very high
> because I don't see any greater number of blind people getting hacked
> proportionately than sighted folks.  Still there is an issue with
> security now of days and it probably won't get any better for years.
> Some people have already tested 57 with screen readers and were
> careful not to check the box and things seem reasonably good.
>
>
>
> On 11/4/2017 6:08 PM, John Isige wrote:
>> If you'd read all of the stuff in Freedom Scientific's post, you would
>> have seen this link.
>>
>>
>> https://www.marcozehe.de/2017/09/29/rethinking-web-accessibility-on-windows/
>>
>>
>>
>> Code injection is a horrible idea from a security standpoint and also a
>> coding one. It was something that was necessary back in the day, but
>> probably isn't anymore. So that was a change that probably should have
>> happened long before now anyway. It makes sense as a change and it was
>> going to cause this issue whenever it happened.  Not only do we have
>> several accessible browsers to choose from, we have an accessible
>> version of the one with the problem and one assumes work will be done to
>> make the current version accessible. Seriously, do you people do
>> anything other than bitch about stuff? I'm beginning to wonder. I get
>> that the transition is annoying, sure. but some times there are actually
>> good reasons to change things, however annoying the transition happens
>> to be, and honestly, this one isn't all that bad in the grand scheme of
>> things.
>>
>>
>> On 11/4/2017 4:14, Brian's Mail list account via Groups.Io wrote:
>>> Indeed, However I am critical of Mozillas handling of this. Its not
>>> often that the makers of Jaws put up a page about the pitfalls and
>>> also criticise a particular company for being unthinking about their
>>> policy toward the  VI community.
>>>
>>> Let us hope that somebody in the management at that organisation takes
>>> us more seriously, however I'm not holding my breath, and I'm not sure
>>> if jamie working for them will help much if the culture is going down
>>> the road toward making all software inaccessible to stop hacking. He
>>> is probably not the most tactful person in the world as indeed neither
>>> am I. I can now afford to grow old disgracefully. Age has its
>>> advantages as history does tend to repeat itself and we have all been
>>> here before, sadly.
>>> Brian
>>>
>>> bglists@...
>>> Sent via blueyonder.
>>> Please address personal email to:-
>>> briang1@..., putting 'Brian Gaff'
>>> in the display name field.
>>> ----- Original Message ----- From: "никита тарасов"
>>> <ntarasov29@...>
>>> To: <nvda@nvda.groups.io>
>>> Sent: Friday, November 03, 2017 6:41 PM
>>> Subject: Re: [nvda] Firefox 57 etc
>>>
>>>
>>>
>>> Hello. I don't think it's worth installing Mozila 57 until she's fully
>>> available to NVDA.
>>> Отправлено из Почты для Windows 10
>>>
>>> От: Brian's Mail list account via Groups.Io
>>> Отправлено: 3 ноября 2017 г. в 21:17
>>> Кому: nvda@nvda.groups.io
>>> Тема: Re: [nvda] Firefox 57 etc
>>>
>>> Yes I saw a message on the issues list from James, about some fixing
>>> for
>>> version 58, so maybe it will get resolved from the currently unusable
>>> state.
>>> Its new users of any screenreader I feel sorry for, especially where
>>> its a
>>> shared machine and the sighted member just lets firefox update.
>>> There are a couple of other issues. It disabled both my add ons,
>>> navigational sounds and Ublock Origin ad blocker and even when I put
>>> the
>>> version 52 back on I had to re download both add ons and install them
>>> again.
>>> Not only that but nvda after the update could not read the screen of
>>> the add
>>> ons manager, I had to exit  firefox completely and go back in again to
>>> see
>>> if they had installed correctly, I'm sure this was not the case prior
>>> to up
>>> and down dating the version I had, which was 55. How also does one set
>>> 52 to
>>> get security updates without letting it update to 57 as I see it wants
>>> to do
>>> till I set updates to no, ie not recommended.
>>> Brian
>>>
>>> bglists@...
>>> Sent via blueyonder.
>>> Please address personal email to:-
>>> briang1@..., putting 'Brian Gaff'
>>> in the display name field.
>>> ----- Original Message ----- From: "Robert Mendoza"
>>> <lowvisiontek@...>
>>> To: <nvda@nvda.groups.io>
>>> Sent: Friday, November 03, 2017 10:31 AM
>>> Subject: Re: [nvda] Firefox 57 etc
>>>
>>>
>>>> Hi, Brian
>>>>
>>>>
>>>> I have the same issue on the other machine, and that is the reason
>>>> why I
>>>> keep to shift instead to use the Firefox ESR version 52 but for now I
>>>> will
>>>> stick to this version because there is likely more stable in
>>>> performance
>>>> and never has a problem. And, once the issue has fix maybe I could go
>>>> for
>>>> to use and test it again.
>>>>
>>>>
>>>> Robert Mendoza
>>>>
>>>> On 11/3/2017 6:00 PM, Brian's Mail list account via Groups.Io wrote:
>>>>> With regard to this version of Firefox, and in addition to what
>>>>> Joseph
>>>>> posted about it. Here is what me acting as the average unaware
>>>>> updater
>>>>> found.
>>>>> After installation only the menus work, no content on the page is
>>>>> readable, you cannot go into any browse or focus mode. You just here
>>>>> unknown.
>>>>> Now there may well be some kind of setting that can be altered, I do
>>>>> not
>>>>> know, to achieve what he got, slow but functioning. I could not find
>>>>> any
>>>>> option for this. Not only that but it seemed to lose almost half
>>>>> of my
>>>>> bookmarks as well.
>>>>>
>>>>> So unless they fix this on the release version anyone trying to use
>>>>> Firefox 57 when it comes out with the latest version of nvda, and I
>>>>> am up
>>>>> to date with the master branch here, will not be able to do so unless
>>>>> they know how to make it work.
>>>>> If these people are employees then they will probably need the
>>>>> permission
>>>>> of an admin to reinstall a version like 55, and turn off auto
>>>>> updates. I
>>>>> have reinstalled 52 in actual fact and got my bookmarks back as
>>>>> well as
>>>>> functionality. To my mind the makers of Firefox at the current
>>>>> state of
>>>>> play should be able to see if screenreading software is on a machine
>>>>> in a
>>>>> similar way to Adobe reader or Jarte does, and prevent it from
>>>>> updating
>>>>> to an unworkable version.
>>>>> I cannot understand why they have not done this.
>>>>>
>>>>> Anyone care to comment?
>>>>> Brian
>>>>>
>>>>> bglists@...
>>>>> Sent via blueyonder.
>>>>> Please address personal email to:-
>>>>> briang1@..., putting 'Brian Gaff'
>>>>> in the display name field.
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>>
>









Join nvda@nvda.groups.io to automatically receive all group messages.