F-Droid demands more trust but it is also infinitely more trustworthy than the Play store. It looks like things can be improved (a lot) and I hope it does. F-Droid provides an invaluable service to those who value privacy and open source with very few volunteers.
As others have pointed out, this isn't even true anymore. Google's Play Store model lines up with what F-Droid is doing (effectively), so it doesn't really demand more trust, just different trust.
That's a bit ironic. Microsoft is only trying desperately to do what Google has already succeeded at with ChromeOS - an OS with no browser choice designed solely to funnel user data to them for data mining and to promote their own services. At least Google are up front about it while Microsoft is trying to dark-pattern their way to the same position.
I think the problem here is expectations—with Windows, you know you’re getting a heavyweight legacy OS with backwards compatibility for everything. With Chrome OS, you have few expectations and assume it’s largely “just for browsing the web.”
I mean, exactly. Google are pretty up front about it, and actually for family members the last thing I want is browser choice. I just want to install an OS for them and forget about it, no nagware, no "it's been a while since you've used your device, do you want to refresh your settings" (I'm looking at you Firefox), no "we've just installed an update, here's 500 new settings to choose from", just turn it on and it works.
Thanks for sharing your experience. I'm curious how changes in graphical user interfaces of programs and operating systems over the years have impacted your workflows. Do you develop on Windows or the command line?
I'm a Mac user these days, before that, it was Windows with WSL, Notepad++, Windows Explorer and remote VS Code for bigger projects. I use the command line a lot, but some things are best done with a GUI. I'm not a fan of command line editors, for example, as screen readers don't always deal well with TUIs. They can be used, but they bring their own set of headaches which I just don't want to deal with.
Updates definitely affect your workflow, you need to be careful about what updates you install. This is less of a problem with coding-related tools, but definitely a nightmare when mobile apps are concerned, for example. Web apps are even worse, as you can't avoid updates that completely break accessibility. I've heard stories of people getting in big trouble because a web app that was critical for their job suddenly had a UI overhaul and stopped being accessible. OS updates can cause trouble, in fact, Windows constantly breaking things with their forced updates was one of the major reasons why I switched to Mac OS. It wasn't even accessibility-related, most of it was basic stuff like sound.
iOS and Mac OS definitely win in terms of what's built-in, the screen reader they come with is more than enough.
JAWS, a paid screen reader for Windows, is perfect for enterprise environments, as it works well with Microsoft Office and Common productivity applications and lets IT administrators enforce security policies. At also has a vibrant market for scripts, both free and paid. Those scripts add accessibility to third-party apps. Companies can even hire script developers to implement accessibility for the internal apps employees need, which is often important in big corp / government, and it is in those environments where JAWS thrives.
NVDA, the free Windows screen reader, is more suited to software development work than JAWS in my opinion. It's written in Python, which makes it much more flexible, but also much harder to learn script development. There's a big collection of addons and plugins of all kinds, from speech synthesizers and braille display drivers to full on remote access suites (which no enterprise security policy can block), but all of those addons need to be released as GPL, which discourages any development on addons for internal and professional applications. In many countries, NVDA has replaced JAWS entirely, even in the enterprise.
Narrator, the built-in Windows screen reader, is getting better with each year, but it still isn't on par with other solutions that we have. It's great for installing another screen reader or figuring out why your existing one doesn't work, but that's about it.
Linux is a shitshow, free software zealots will claim it's perfectly accessible, while many problems still remain. It can be used, but it's probably the least accessible out of the big three, at least when the GUI is concerned.
Android works, people use it, but iOS works much better. IPhones are much more popular in the blind community, even in countries where they're extremely expensive, even considering the fact that blind people are often unemployed or have low-wage jobs. Android has quite a few rough edges and thinks might not work the same way on different phones. It's been getting better over the years, but even something as simple as accessibility on first setup isn't guaranteed, something that Apple has basically figured out more than 10 years ago. It's much more common for an Android phone or a Windows PC to fail in a way that requires sighted assistance than it is for a device running iOS or Mac OS.
It depends. Where I live, this usually doesn't seem to be an issue for some reason. I guess IT administrators don't really know how powerful a screen reader is. Just to give you an idea, it would be trivial for anyone with basic Python experience to weaponize NVDA into a key logger and a screen scraping spyware, without admin rights, and no antivirus would complain.
In the US, this seems to be much more of a concern, so JAWS is often a requirement in big corp / government.
IIRC, accessibility hooks in Windows are very, very low level. Thus they bypass most security policies. Also IIRC, there’s been multiple “wontfix” “0-days” abusing those hooks and fixing them would basically brick Windows for people using accessibility tools.
I have used it in the past for hands free coding, there is a steep learning curve but once you get comfortable with it many things can be done faster by voice than with your hands.
Be aware, using your voice all day can be hard on the vocal cords.
I'm looking at Talon at the moment but I'm disappointed that it has no clear way to opt out of user metrics and the first thing it does on launch is download blobs from the internet without explanation. It's not clear if it even can work offline at all. For a program that listens to everything you say that is a bit disconcerting (especially in the context of sensitive work projects). I'd like to just pay for something and never have it connect online, bar manual updates.
Talon doesn't need to be online at all. It also does not send audio or transcripts anywhere.. the telemetry can be disabled in settings, and it always prompts me to update on start but never automatically updates.
The blob it downloaded is probably the speech recognition model. I'd ask on the slack if you're concerned, aegis has worked really well with me.
I'm creating a sort of serenade-like system in Talon, since I want it to be open-source and have tight integration with Talon. So I'm curious what the highs and lows of serenade have been for you.
I love Serenade. It has some rough edges at the moment, but the team is working hard on making it better.
What I love is that it feels so natural to use. It understands the context of the code, which means you don't have specify exactly where to move the cursor, or what kind of casing you want on variables. It automatically does what you want it to. I also love that everyone has the same set of base commands. It makes it easier easy to share information and help each other out. Oh, and the browser extension for Serenade is such a life saver. I'm mainly a front end web developer, and it's so easy to navigate the UI with that browser extension as I'm developing.
You can use MIDI hardware as input devices. That means you can use foot controllers with pedals and other controls that might be easier to manage than keyboards, mice and trackpads. There are also purpose-built input devices for those with repetitive stress injuries and what not. You use them to work with, or modify, voice controls.
Assuming by engineer you mean a software engineer who uses a computer all day.
Depends on which field of engineering you are in, but going more towards R&D usually involves less hand work and more brain work. Same for technical consulting.
Embedded systems: Rust, checked C and other languages or methodologies designed to act as a "safer" alternative to C will see little real impact in the near to medium term future. Code running on microprocessors in medical, industrial and automotive devices will continue to be C99 (at best) for a very very long time.
Aside from the immaturity of the talent pool and tooling I mentioned in another comment, I think the embedded domain is incredibility slow to change.
My team have in the last decade spearheaded initiatives like adopting Agile, C++ (subset) use, Git (as opposed to SVN/proprietary) and extensive use of modern code hosting and CIs and we've met with a lot of resistance in our company (and those we work with). I've also interviewed lots of experienced embedded engineers, e.g. automotive, who have never heard of Agile or used Git.
I think it's a fear of change (risk) and also that the embedded engineering domain is so closely tied to hardware development, which is even slower to change.
As much as I wish you were wrong, from what I see in avionics, I suspect you will be right. Many of the companies developing these products simply do not pay enough or have a suitable company culture to attract top-quality software developer talent. These companies will ride out legacy practices and mindsets for as long as they can get away with it.
This sounds like wishful thinking at best. I work for a company that builds very power-efficient microprocessor devices with all the firmware written in c. There has been talk about migrating to rust for a while and now some of the code is even being written in rust. Someday it will be 100% rust.
I would love to work in a similar company but I can't see Rust challenging C any time soon with so few Rust developers available and no functional safety compiler on the market.
I agree with this. The ideal language has a minimum amount of complexity while also being human readable. C has stood the test of time because of its simplicity. You cannot reduce the complexity of a system by adding more complexity.
It's a combination of things. The first is the lack of expertise in existing companies and lack of available hires. Rust is new and has a steep learning curve. I work in a company with 7k+ engineers. Our Rust interest group has less than 20 members and most are beginners. I have never seen Rust mentioned on CVs even once when hiring for Embedded positions.
The second reason is lack of tooling - specifically Functional Safety toolchains that can be used for ISO26262 projects. There are plans by Ferrous to develop one, but it will take years to gain any adoptions [1].
I agree with what you're saying completely and have said so on HN in the past. It's my opinion that Rust won't break through the embedded world until the toolchains are there and I don't see an incentive for the vendors to do that work in the first place.
Tradition and machismo. Also, cost savings if there is a slightest chance that C or assembly produces smaller code. Source: I have worked with embedded software specialists. Including the type who just writes the whole thing in assembly because compiler can't optimize the first C effort.
a thing you’re missing is the cost of code recertification.
tens of thousands of dollars and several months of QA per release means that thanks very much but we’re going to keep using what we have because yours looks nice i’m sure but we don’t care.
That's really absurd. People make food for friends and build everything from furniture to vehicles for fun in their garages without complying with any professional standards or laws all the time. How many people on Hackaday or any DIY site have ISO compliant or OSHA inspected labs? Existing regulations are not
stopping the maker space scene.
One is a developer putting his reputation on the line for a free open-source product he has put hundreds of hours of work into. The other is a faceless trillion dollar advertising company operated mostly via black-box Machine Learning with a very public history of incorrectly censoring users and terminating accounts. I know who I would tend to trust.
I am not picking any side here. I don't know the developer, and I don't know Google. My comment was more on the philosophical side, showing that someone is making a claim that he can not prove. This applies to a lot of stuff that is posted online, and the problem is people just take things for granted, when a lot of them are just some claims by unknown people. Anyway, I don't expect most of the people to understand the nuances, but maybe at least 1 person will open their eyes due to this thread.
While that's true, products from Telegram, Cisco, Dell etc etc are targeted by nation states with infinite budgets who employ the best coders and cryptographers in the world. They have track records of selling bogus/backdoored products via fake companies, hacking companies to plant malware, planting/bribing employees etc. That changes the balance pf probabilities between stupidity and malice a lot for me.
