win32: Remove executables due to false-positive malware allegation
I was advised to check the two installers using the online services provided by VirusTotal.com. And, indeed, the heuristics of some anti-viruses hosted there believe that the two files (and, frankly, also other files) were possible malware.
I believe this happens for the following reason. Neubot is a console mode program written in Python and frozen with py2exe named
neubot.exe. The problem with this executable is that, if you invoke it directly, you see an ugly black old style console. So, I decided to write three quick wrappers that ensures that Neubot is executed in a way that cause the console to be hidden. These three executables implement the three most common operations (start neubot, stop neubot, and show the web user interface).
The source code for these three executables is in the win32 directory of the neubot sources tree. The relevant file that does the trick is neubot-exec.h. The commit that introduced this feature is 274b234d.
As I understand it now, the technique I used to hide the ugly black console is also commonly employed for malware in order to start a process in background. The difference is that neubot is not malicious at all, but of course here is the pattern that matters (I believe).
I will have much more to say on this topic and I will publish the full report of my investigation as soon as possible. Stay tuned.
In the short term it seems to me sensible to remove the installers from releases.neubot.org and the three executables from github.com. I don't want to cause issues neither to releases.neubot.org (particularly because this is the same server that hosts nexa.polito.it) nor to github.com.
And, indeed, this commit removes the executables from both the master and next branches of neubot.