RE: Window-Eyes public beta released with powerful scripting capability
- From: "Chris Hofstader" <chris.hofstader@xxxxxxxxxxx>
- To: <programmingblind@xxxxxxxxxxxxx>
- Date: Wed, 25 Jun 2008 12:05:46 -0400
I know how to create some kinds of malware using JAWS scripts but I don't
recall having heard of any such scripts getting loose in the wild.
While the new GW model makes selling extensions without source code much
more practical than in the JAWS way of doing things, I would encourage
people to write free (as in GPL) software because it is the safest way to
ensure that it doesn't try to pull any funny business like reformatting a
drive or sending your passwords off to a gang of hackers in Romania.
cdh
-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Jared Wright
Sent: Wednesday, June 25, 2008 10:47 AM
To: programmingblind@xxxxxxxxxxxxx
Subject: Re: Window-Eyes public beta released with powerful scripting
capability
Wasn't there already a malware issue that JFW had to deal with?
Just part of the game these days, really. With Script Central, I think
there'll be a lot more of an idea of where to go to get good, reliable
scripts than there traditionally has been with JAWS.
Chris Hofstader wrote:
> Having received a copy of the new WE from a friend, I can confirm Jamal's
> findings that the extension model is downright killer. I refrain from
> calling it "scripting" which the GW propaganda uses as it is profoundly
more
> powerful than any script facility known to the world of access technology.
> The boyz at GW really knocked this fucker out of the park!
>
> The only downside, whispered to me by some of GW's competition, is that
the
> extensibility model is so powerful that one can build Window-Eyes specific
> malware without being detected by normal shielding software as such
> prophylactic programs will be entirely unaware of WE and its COM and .Net
> add on systems.
>
> To a lesser extent, System Access has a similar issue. If someone built a
> cool blind software web site with the intention of being malicious, they
can
> include a link labeled "Check Out SA To Go" which would bring the user to
a
> web site made by bad guys who, like SA, will use recorded synthesized
speech
> to tell the user to hit ENTER to allow a browser initiated executable to
run
> which, in this scenario, will not be SA but, rather, some nefarious bit of
> code that can reek havoc on your PC.
>
> We hacker types know to get our SATOGO from the proper web sites but a
real
> meanie could build a quick and dirty site, google bomb himself and people
> who search for SA will possibly find the nastiness before the good stuff
and
> get screwed.
>
> GW definitely has the best extension model in its latest release but the
> JAWS scripting facility, with all of its shortcomings, is very safe. I
> wouldn't fret much about malware entering your system from WE extensions
but
> I would think that people should confirm the source and ensure they are
> getting the software directly from GW or from one of the highly respected
> repositories like Jamal's site or Grab Bag. This mailing list is also
> probably a pretty good place to ask about the origin of a bit of software
as
> this gang knows most of the blind hackers about the biz and can vouch for
> some and tell a potential user that we've never heard of another.
>
> cdh
>
> -----Original Message-----
> From: programmingblind-bounce@xxxxxxxxxxxxx
> [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Trouble
> Sent: Wednesday, June 25, 2008 8:56 AM
> To: programmingblind@xxxxxxxxxxxxx
> Subject: Re: Window-Eyes public beta released with powerful scripting
> capability
>
> Only one problem with the bait a. You have to have wineyes 6.1
> installed before 7 will even work. So for now only those with wineyes
> can take a look at its new power base.
>
> At 04:10 PM 6/24/2008, you wrote:
>
>> -- Forwarded Message --
>> From: gw-news@xxxxxxxxxxx
>> Sent: Tuesday, June 24, 2008 1:33 PM
>> Subject: Window-Eyes 7.0 Beta 1 Is Now Available!
>>
>> After much anticipation, Window-Eyes 7.0 Beta 1 is now available.
>> Window-Eyes 7.0 Beta 1 offers the latest advancements in screen reading
>> technology, including full Unicode support, new scripting functionality,
>> web browsing enhancements, a new synthesizer, and much more.
>>
>> Full Unicode support means the ability to work with more international
>> languages. Web browsing enhancements mean easier navigation between
>> controls, and the ability to add placemarkers that can remember places on
>> a webpage even when the webpage changes. ECI Eloquence 6.1 is now
>> available as yet another speech option. Other enhancements like speed
>> increases for list views, the system tray, and error reporting, being
able
>> to increase and decrease the speech rate during read to end, new options
>> for keyboard voice interruptability, and numerous bug fixes make
>> Window-Eyes 7.0 Beta 1 a welcome update.
>>
>> The most notable enhancement in Window-Eyes 7.0 Beta 1, however, is
>> scripting. Window-Eyes scripting is unparalleled in its design and
>> implementation. Rather than require a scripter to learn a proprietary
>> language, Window-Eyes 7.0 Beta 1 allows a scripter to choose from a
number
>> of standard computer languages for writing scripts. This means that more
>> people will be able to take advantage of Window-Eyes scripting, and
>> ultimately more accessibility to more software applications. Access all
>> Window-Eyes features and settings, all operating system windows and
>> properties, create custom accessible dialogs for user interaction with
>> power and ease, and more.
>>
>> To make scripts easily accessible and encourage script development, GW
>> Micro has created a centralized script repository called Script Central
>> (www.gwmicro.com/sc). Script Central provides script developers with the
>> tools to distribute their scripts, and provides scripts users the tools
to
>> download, comment, rate and track favorite scripts. The GW Micro forums
>> (www.gwmicro.com/forum) have also been enhanced for general script
>> discussions, script requests, script announcements, and much more. While
>> we encourage everyone to take advantage of Script Central, Window-Eyes
>> scripts can be hosted anywhere and distributed by anyone.
>>
>> Read more about all of the features Window-Eyes 7.0 Beta 1 has to offer,
>> and download your copy, at www.gwmicro.com/beta.
>>
>>
>> ----------
>>
>> -- Forwarded Message --
>>
>> From: gw-news@xxxxxxxxxxx
>> Sent: Tuesday, June 24, 2008 1:41 PM
>> Subject: Window-Eyes 7.0 Beta 1 - Default Installed Scripts
>>
>> Greetings,
>>
>> Window-Eyes 7.0 Beta 1 includes four script packages, automatically
>> installed for your convenience, that demonstrate the power Window-Eyes
>> scripting provides to enhance your daily computing experience. The
>> information for each script below is also found in the script's help and
>> options. You can access a script's help and options by opening the Script
>> Manager dialog (from the Manage Sets and Scripts pull down in the
>> Window-Eyes File menu), selecting the script you're interested in, then
>> selecting the Help and Options button (or pressing the Help and Options
>> button shortcut, H).
>>
>> GW Toolkit
>>
>> The GW Toolkit script provides a collection of commonly used shared
>> objects for use with other scripts, such as providing consistent help
>> information, managing hotkeys, and much more. The rest of the scripts
>> listed below require the GW Toolkit script's functionality. You can read
>> more about the objects contained in the GW Toolkit by reading through the
>> gwtoolkit.chm Help file, installed automatically to your user profile
>> directory.
>>
>> AutoComplete
>>
>> AutoComplete provides announcement of inline autocompleted text and
>> suggestion list items in supported combo edit boxes, such as those in the
>> Start Menu's Run dialog, standard file save and open dialogs, and many
>> other areas.
>>
>> To disable the speaking of inline autocompleted text, select the "Do Not
>> Speak" radio button. To speak only the text that autocompleted, select
the
>> "Speak Completed Text" radio button. To speak the entire line (i.e.
>> what has been typed plus the text that autocompleted), select the "Speak
>> Entire Line" radio button.
>>
>> To hear an index of the number of suggestions provided in the suggestion
>> popup list, check the "Speak Suggestion Index" check box. To hear the
>> first item in the suggestion list spoken, check the "Speak First
>> Suggestion" check box."
>>
>> If toggling the "Enable Inline Autocomplete" check box does not work, you
>> can always verify this setting manually by toggling the "Use inline
>> AutoComplete" check box under the Advanced tab of the Internet Options
>> control panel.
>>
>> Note that the suggestion popup list does not have anything selected by
>> default. To select the first item (the same item spoken if the "Speak
>> First Suggestion" option is enabled), press the Down Arrow.
>>
>> LVNav
>>
>> The lvnav script is designed to allow you to virtually navigate a
>> listview. You can use the insert arrows to virtually move through the
>> rows and columns in the listview. Insert-Home and Insert-End move to the
>> beginning and end of a row while Control-Insert-Home and
>> Control-Insert-End move to the top and bottom of a column. You can also
>> use Alt-1 through Alt-0 to read columns 1 through 10. If you want to set
>> focus to the virtual item you are on use Insert-Enter. If you want to
set
>> focus to the virtual item and add it to the current selection use
>> Control-Insert-Enter. This script can be loaded globally to be available
>> for all listviews or in a specific application to only be available for
>> listviews within that application.
>>
>> Progress Indicator
>>
>> This script is designed to get you immediate feedback on the status of
>> progress bars in the active window. There are two types of progress
bars.
>> The main progress bar contains a visual indicator as to the progress
>> giving sighted users a percentage from 0 to 100. Marquee bars are
similar
>> but they dont give a percentage. Instead they just give a sighted user
an
>> indication that progress is being made. This script gives you the
ability
>> to monitor both types independently.
>>
>> Virtual View
>>
>> Virtual View displays a text view of any window. To include graphic
>> labels, check the Include Labeled Graphics option. To include the window
>> type where the text came from, check the Include Window Types check box.
>> To prompt for the window to retrieve the text from, check the Always Ask
>> for Window Type check box. Virtual View also offers several quick keys
for
>> accessing the dialog where the text originated. For example, if a button
>> called Close exists in the dialog where you obtained the virtual view
>> from, you can place your cursor on the word close, and press the letter L
>> to close the Virtual View dialog, and click the close button -- all in
one
>> key stroke. In addition to L for Single Left Click, other commands are: R
>> for Single Right Click, D for Double Left Click, M for Middle Click, P
for
>> Route Mouse, and F for Focus Control. You can also use Control-F to
search
>> for text in the Virtual View edit box, as well as F3 to find the next
>> occurrence of the last string searched for.
>>
>> --
>> To insure that you receive proper support, please include all past
>> correspondence (where applicable), and any relevant information pertinent
>> to your situation when submitting a problem report to the GW Micro
>> Technical Support Team.
>>
>> Aaron Smith
>> GW Micro
>> Phone: 260/489-3671
>> Fax: 260/489-2608
>> WWW: http://www.gwmicro.com
>> FTP: ftp://ftp.gwmicro.com
>> Technical Support & Web Development
>> The gw-news list is an announce only list used for GW Micro news and
>> product information.
>>
>>
>> __________
>> View the list's information and change your settings at
>> //www.freelists.org/list/programmingblind
>>
>> __________ Information from ESET NOD32 Antivirus, version of virus
>> signature database 3215 (20080624) __________
>>
>> The message was checked by ESET NOD32 Antivirus.
>>
>> http://www.eset.com
>>
>
> Tim
> trouble
> "Never offend people with style when you can offend them with substance."
> --Sam Brown
>
> Blindeudora list owner.
> To subscribe or info: //www.freelists.org/webpage/blindeudora
>
> __________
> View the list's information and change your settings at
> //www.freelists.org/list/programmingblind
>
>
>
> __________ NOD32 3217 (20080625) Information __________
>
> This message was checked by NOD32 antivirus system.
> http://www.eset.com
>
>
> __________
> View the list's information and change your settings at
> //www.freelists.org/list/programmingblind
>
>
>
__________
View the list's information and change your settings at
//www.freelists.org/list/programmingblind
__________ NOD32 3217 (20080625) Information __________
This message was checked by NOD32 antivirus system.
http://www.eset.com
__________
View the list's information and change your settings at
//www.freelists.org/list/programmingblind
Other related posts:
