undefined | Better HN

0 pointsmwcampbell2y ago0 comments

> at this time Windows doesn't have a workable app-level RA implementation

To make this work, I suppose it will finally be necessary for Windows to disallow all user-space code injection (e.g. in-process hook DLLs), including from assistive technologies. I guess this tightened security could be a per-app opt-in feature, at least initially. UI Automation on Windows 11 may finally be ready to take over the work that in-process injected DLLs (particularly from screen readers) previously did without performance regressions, though as far as I know, this hypothesis hasn't really been tested yet (or if it has, that happened inside the Windows accessibility team at Microsoft after I left). The trick will be to give the third-party screen reader developers a strong incentive to prioritize moving away from third-party code injection, without harming end-users in the process (i.e. not suddenly releasing a browser or OS update that breaks web browsing with screen readers).

What other changes or API additions do you think will be necessary to enable workable app-level RA on Windows?

0 comments

3 comments · 1 top-level

mike_hearn2y ago· 2 in thread

Yes, it's harder for Windows. Desktop operating systems don't have all the details figured out especially around detecting and controlling automation. RA has been around as a concept for decades, and implementations in consoles/phones/servers do pretty much work for a while, but RA that works on general purpose desktop computers is very new and really only Apple has it.

The Windows team would need to at least:

- Get apps using MSIX (package identity)

- Design an API to get an RA for an app that has package identity. Make a proper keychain API (or better) whilst they're at it.

- You don't have to block debuggers or code injection, but if those things occur, that has to leave a trace that shows up in the RA data structure.

- Expose to apps where events come from.

- Compile databases of machine-level PCRs that reflect known good configurations on different boards. Individuals can't do that work, it's too much effort to keep up with all the different manufacturers and Windows versions that are out there. MS would need to offer an attestation service like Apple does.

Some of that stuff is already there because they pushed RA in an enterprise context for a long time. I don't know how widely adopted it is though.

raxxorraxor2y ago

Apple is no general computing platform by far and I believe the flexibility is what makes general computing attractive.

How would you not block debuggers if those aren't verified? This adds insane busy work for little advantages and again would make Microsoft the gatekeeper of hardware.

For which benefit exactly?

mike_hearn2y ago

Macs are general purpose computers. In what way are they not? Is there some task you just can't achieve with them?

There are no problems with debuggers. For one, debugging an app that isn't compiled in debug mode is very hard. If you're at that point something has gone badly wrong somewhere already. For another, there would only be a problem if you're trying to debug a production build of the browser whilst simultaneously accessing a service that wants to measure your environment. That would be an extremely specific scenario that virtually nobody would ever encounter, especially not compared to the much more common scenario of being asked to solve horrible CAPTCHAs.

j / k navigate · click thread line to collapse