nvaccess / nvda

NVDA, the free and open source Screen Reader for Microsoft Windows
https://www.nvaccess.org/
Other
2.11k stars 637 forks source link

NVDA Remote dependency: Bundle url_handler.exe in NVDA #16714

Open seanbudd opened 5 months ago

seanbudd commented 5 months ago

Detailed description of the issue

url_handler is a component used by TeleNVDA and NVDARemote. https://github.com/NVDARemote/NVDARemote/blob/master/addon/globalPlugins/remoteClient/url_handler.cpp

VirusTotal detects this as a virus: https://www.virustotal.com/gui/file/58313ee1542ace3e878be617a0ec41fd74ad341a21cb7104a474c8888298851e/detection https://github.com/NVDARemote/NVDARemote/issues/129

With the goal of eventually including NVDA Remote's features in NVDA core, bundling this exe into NVDA will help unflag this detection, and pave the way for further remote support in NVDA

CyrilleB79 commented 5 months ago

My understanding was that NV Access' position was that NVDA remote should remain an add-on since enabling such capability in core may cause ITs teams of companies to reject NVDA for security reasons. Was it correct? If yes, has NV Access changed their mind on this and why?

seanbudd commented 5 months ago

I am unsure of the previous policy, but our current attitude is that corporate environments often require such capabilities, and corporates would prefer NV Access to be publishing the software and hosting the relay servers. It is unlikely we would be offering free relay servers to corporates, so this functionality would generally be disabled unless corporate environments opt-in. While we need an issue to cover this, our rough plans would be:

seanbudd commented 5 months ago

The issue is currently open, however I think more work is needed to tidy it up: https://github.com/nvaccess/nvda/issues/4390

LeonarddeR commented 4 months ago

To be honest, I believe that this issue is treating the symptoms and does not solve the underlying problem, namely that Virus Total wrongly identifies things as viruses. I would instead argue for a change in how Virus Total positive scans are handled. But perhaps this is not the right place for this discussion.

gerald-hartig commented 4 months ago

@LeonarddeR agreed. In any case this ticket is a placeholder for one of the options available to us.