Favorite remote support utilities
Fairlight
fairlite at fairlite.com
Tue Aug 31 12:59:42 PDT 2010
Is it just me, or did Walter Vaughan say:
> Fairlight wrote:
>
> >For my preferences, I avoid GoToMyPC and LogMeIn.
>
> Why did I know before I did anything know that we would have differing
> opinion? I like LogMeIn for just that same purpose. It gives me a
> $diety_like powers over personal computers that I actually do need to
> have such power. Is use the free version to manage all my family's
> computers.
Erm...because, for better or worse, I view things differently? :)
Pretty much any of the solutions listed give you $diety_like powers. I've
got UVNC on my wife's desktop, and when we're out, I can access it via
OpenVPN, which is run off a VM on my machine. Pretty darn secure, since
even UVNC isn't directly exposed to the net.
Here's the thing, though... Why go for an alternative (out of so many!)
that puts a big question mark over the security of the connection? Do
you -honestly- believe that neither GoToMyPC nor LogMeIn are capable of
tapping their own relay servers and watching sessions at-will? It's worse
than packet sniffing--at least there someone has to be in a direct spot in
the pipeline, and you have no choice but to cede control if you want to
pass traffic. When I was running an ISP, I could actually packet sniff
and have someone's BitchX IRC session directly on my terminal, screen
control characters and all. We tested it. There's an element of trust
involved, here, and if I'm connecting to secured systems that belong to
clients, who in turn have connections to other secured sites--well, that
behooves me to make a conscious choice NOT to put any more men in the
middle than necessary. And, like Facebook and so many other sites, it
wouldn't surprise me if Big Brother has paid/coerced, or will do, these
companies for taps into their data streams. And since they already wrote
the protocol -and- the client, a modified client that taps the relay
is -not- a stretch of the imagination in any regard. In fact, were I
designing a service like that, such a program would be one of the debugging
tools that would definitely get developed in the course of bringing the
product to market--so you could see exactly what went wrong with problem
connections, debug, observe tests, etc.
I'm not doing anything illegal, but I'm also not doing anything that I
want people to be able to get their mitts/eyes on--especially when the
target system over which someone could gain control isn't even mine! It's
called security and due diligence. So I limit the number of parties that
can act as breakpoints in the transmission stream, even when things are
encrypted. Encryption means absolutely nothing if you go through a relay
service that essentially has the keys to the encryption because -it- handed
out the keys. And I think anyone that doesn't recognise that as a distinct
probability is probably deluding themselves.
With a self-hosted solution, you not only cut out latency on both sides of
the third leg, you cut out a large potential security breach.
Hey, do what you like--enough other people do. I'm just explaining -one-
of the reasons that third-party hosted relay services are a bad idea for
anything you want to stay private and secure. I think it's a valid reason
for supporting part of my difference of opinion.
> I know of companies that push UltraVNC servers to all workstations via
> group policy...
I wish pushing UVNC was that easy to remote clients. SingleClick was
supposed to make it almost that way, but the docs read like it isn't quite
there yet. SC just plain works.
mark->
--
Fairlight-> ||| "And if you don't love me now, you | Fairlight Consulting
__/\__ ||| will never love me again / I can | http://www.fairlite.com
<__<>__> ||| still hear you say it--we will | fairlite at fairlite.com
\/ ||| never break the chain..." -- | (502) 509-3840
||| Fleetwood Mac |
More information about the Filepro-list
mailing list