[HN Gopher] Rustdesk - Remote desktop software, an open source T...
___________________________________________________________________
Rustdesk - Remote desktop software, an open source TeamViewer
alternative
Author : yarapavan
Score : 365 points
Date : 2022-05-21 07:32 UTC (15 hours ago)
(HTM) web link (rustdesk.com)
(TXT) w3m dump (rustdesk.com)
| proto_lambda wrote:
| I'd proceed with caution. Apparently it doesn't support Wayland,
| so when you run it under Wayland it offers you a "Fix it!" button
| that, when clicked, runs sed on some gdm system config files to
| revert it to X11 (nevermind that gdm is far from the only way to
| use Wayland):
| https://github.com/rustdesk/rustdesk/blob/1.1.9/src/platform....
| If this is the kind of thing that's considered acceptable by the
| developer, I'd rather keep their products far away from my
| machines.
|
| A quick glance at the code also reveals an almost complete lack
| of comments and copious use of unexplained `unsafe`.
| causality0 wrote:
| The poor English, use of stock images, and absolutely zero
| information about the individual people behind the project are
| also red flags.
| karlmdavis wrote:
| Underexplained, permanent system config changes? That just
| about counts as malware, in my book.
|
| (Since I use sway on Ubuntu, rather than gdm, I'd argue it's a
| capital offense, but YMMV.)
| Erlangen wrote:
| I am not a user of rustdesk. But from its source code[1], I
| think does have some warnings about the change. It says,
|
| > "Warning" > "Current Wayland display server is not
| supported" > `Fix it` => a button triggers system gdm config
| change > A 'Help' link to github, showing how to change the
| config manaully.
|
| I wouldn't count it as malware. But I don't think it's OK to
| change the system configuration by pressing a button of a
| remote desktop software. It should simply provide a link to
| user instead.
|
| [1] https://github.com/rustdesk/rustdesk/blob/45375517b960add
| 901...
| nyberg wrote:
| It doesn't adequately explain what it does before having
| you ruing your configuration nor should it really be part
| of this application. An informative message explaining that
| the application doesn't work on wayland, why, and a link to
| a page with solutions would have been much better and not
| placed the user at risk.
| mgrandl wrote:
| What the actual fuck...
| FieryTransition wrote:
| Thanks for the warning, that is brutal!
| jeroenhd wrote:
| I don't think the application can work on Wayland because it
| can't inject commands. Screen sharing is a possibility, but
| that's it: injecting key strokes or mouse input into
| applications can only be done by even worse hacks. That said,
| the "let's disable Wayland to fix it" approach is very...
| pragmatic, to say the least.
|
| This tool was clearly written by someone with a "make it work
| for the general public" mindset. And, to be honest, I'm not
| 100% opposed to this approach, although there should definitely
| be a giant warning system configuration is changed. When a
| piece of software says "You are using Wayland and this software
| requires X11, please change your desktop session type" then
| you're not helping most people. A simple button to fix the
| problem can be a lot better than an error message with a link
| to a complicated step-by-step guide.
|
| As is often the case, this client seems to have been made for
| people running Ubuntu/Fedora, and a relatively recent version
| at that.
|
| The copious amount of unsafe seems to revolve around operating
| system APIs being called. Interacting with X11 requires tons of
| unsafe operations, you can't really work around that. The best
| you can do is make your own wrappers to hide the fact you're
| calling unsafe code behind the scenes, but I can't see too much
| unnecessary unsafe code in there to be honest.
| FieryTransition wrote:
| While I agree that a simple fix this for me button is a great
| option for users, being a destructive fix it for me button is
| not. If you want to argue that it is a good thing since this
| particular piece of software, for the typical linux user who
| uses without understanding it, I want to counter argument
| that breaking other software which might rely on wayland in
| some way and the system now being configured completely
| different as a side effect, is way worse for a usability
| point of view.
|
| The user now has one app that works, potentially dozens that
| don't, doesn't know why it broke, and doesn't know how to fix
| it. Which is why destructive fix it's for a single app is not
| a great idea. If it was non-destructive, I would totally
| agree with you.
| jcelerier wrote:
| > The user now has one app that works, potentially dozens
| that don't,
|
| Which apps work on wayland but not x11 ?
| merdzov wrote:
| Unfortunately doesn't seem like many, as most apps use
| some sort of toolkit, and generally most support either
| only X11 or X11 and Wayland, supporting only Wayland
| isn't popular.
|
| Though people who want to avoid using toolkits would
| probably do that, as Wayland's API is much more sane for
| apps.
|
| However for example Waydroid only supports running on
| Wayland, and somehow nobody has created a reverse
| XWayland yet (People that ask for this get constantly
| redirected to nested compositors which is absolutely the
| wrong thing, a proper reverse XWayland would seemlessly
| integrate the apps like Xwayland does, and you could drag
| them, transparency would work, and
| https://wayland.app/protocols/xdg-
| shell#xdg_surface:request:... would be converted to
| _GTK_FRAME_EXTENTS, etc)
| josephcsible wrote:
| "Unfortunately"? Isn't it a good thing that most apps
| support both?
| jeroenhd wrote:
| From a technical point of view I agree, but I haven't
| encountered any desktop applications that require Wayland
| and don't work on X11. It's almost exclusively the other
| way around in my experience.
|
| I'm sure there are some applications out there that rely on
| Wayland support, but Wayland is unusable for proper remote
| tech support without some extensions to the API that
| Wayland developers don't want to add (notably, the ability
| to send input to running applications).
|
| There are workarounds (hooking directly into the input
| system, for example) but those work despite Wayland, not
| because of it.
|
| I'm willing to go as far as to say that by clicking the
| "fix me" button, the end user will probably end up fixing
| more applications than it breaks.
| simonh wrote:
| That's not something you or the developer if this
| software have the authority to decide.
| mwcampbell wrote:
| I think we can leave that up to the users of the
| software. If the users grant the developer that authority
| by running the software, and they're happy with the
| results, then who are we to say otherwise? True, we can
| decide not to use the software ourselves. But I don't
| think people like us that are savvy and contrarian enough
| to likely be affected by this pragmatic solution are the
| intended target users of this product anyway, at least
| not on the receiving end (sometimes called the "host" or
| "server"), where IIUC Wayland needs to be disabled.
| simonh wrote:
| The problem is the users are not informed what the
| software is about to do and have no way to evaluate the
| consequences.
| thayne wrote:
| > without some extensions to the API that Wayland
| developers
|
| Depends on what what you mean by "Wayland developers".
| Wlroots, and thus sway, support such extensions and I
| think KDE is open to standardizing such extensions. Gnome
| supports remote desktop through an xdg portal. The
| problem is that, as with several other things, all of the
| compositors haven't agreed on a single standard.
| neurostimulant wrote:
| > I don't think the application can work on Wayland because
| it can't inject commands. Screen sharing is a possibility,
| but that's it: injecting key strokes or mouse input into
| applications can only be done by even worse hacks.
|
| This app probably should use libinput to emulate
| keyboard/mouse instead of tapping into X11. No need for crazy
| hacks as libinput supports Wayland. Applications that provide
| remote desktop-like functionality like Sunshine used it and
| runs well on Wayland.
| thayne wrote:
| Doesn't that require root?
| jeroenhd wrote:
| I don't use it so I can't comment on this issue myself, but
| Wayland support for Sunshine seems all but guaranteed:
| https://github.com/loki-47-6F-64/sunshine/issues/44
|
| Notably, the lack of a mouse cursor is kind of a big deal
| for remote support situations. You want the user to be able
| to indicate stuff with the mouse.
| neurostimulant wrote:
| Have you tried this version from this repo? It's more up
| to date. https://github.com/SunshineStream/Sunshine
| ldng wrote:
| "Sunshine is a Gamestream host for Moonlight"
|
| What is Gamestream ? What is Moonlight ?
| neurostimulant wrote:
| Think of it as a low latency vnc server suitable for
| playing games on remote computers. If you want to play
| your PC games remotely on a raspberry connected to a tv,
| or on your iPad or laptop, this is for you. Basically
| self-hosted stadia. But I often use it for non gaming
| stuff instead of vnc because the latency is very low.
|
| Nvidia gamestream is the proprietary server from nvidia,
| sunshine is an opensource server compatible with
| gamestream protocol, and moonlight is an opensource
| gamestream client.
| merdzov wrote:
| It is absolutely possible though, see
| https://flatpak.github.io/xdg-desktop-portal/#gdbus-
| org.free... (And it really should use this on X11 too, and
| have the current X11 way as a fallback to insane systems that
| don't have portals in 2022)
| throwdbaaway wrote:
| https://knowledgebase.nomachine.com/AR02P00969 - and
| NoMachine seems to have decent support for Wayland.
| Fnoord wrote:
| The other day there was an article on HN about Cha Bu Duo.
| This is it. And it works for quick and dirty hacks. But you
| wouldn't share those and not care about improvement. You'd
| put a warning about not using this in production.
| phh wrote:
| > injecting key strokes or mouse input into applications can
| only be done by even worse hacks.
|
| Hum I don't understand this, I've been injecting key strokes
| for a decade on any Linux-running system using uinput (which
| creates a new virtual /dev/input). Is this somehow broken by
| wayland? (I haven't ever really used wayland, nor do i
| understand how it works)
| FreeFull wrote:
| AFAIK uinput does work just fine with Wayland. I've used
| sc-controller under Wayland before without any issues, and
| I believe it makes use of uinput
| Fnoord wrote:
| I use Wayland + Sway plus ydotool(d) on a dailty basis
| (e.g. with libinput-gestures), as well as kbct to rebind
| keys (main purpose caps to esc and some ctrl/alt/meta/fn
| rebinds). Both use uinput. Things I could do with xdotool
| I can also do with ydotool.
| pizza234 wrote:
| Yikes.
|
| This is not well-written Rust; code like the below actually
| defeats the purpose of using Rust, and without any specific
| reason for doing so.
|
| I personally discourage people from using this software.
| static mut KEYBOARD_HOOKED: bool = false; fn
| start_keyboard_hook(&self) { if unsafe {
| KEYBOARD_HOOKED } { return; }
| }
|
| The build even requires an assembler (NASM), which is odd, in
| this context.
| mwcampbell wrote:
| I disagree. Not all Rust code needs to be maximally
| generalized and reusable. If this were library code, I might
| feel differently. But here we're looking at code for
| installing a global, system-wide keyboard hook. Using a
| global variable is a direct, pragmatic, no-nonsense way of
| doing it.
|
| Edit: Further, there's no such thing as "the purpose of using
| Rust". Different users can use the same tool for different
| purposes, and Rust is no different.
| pizza234 wrote:
| That's fair, but I seriously consider the danger of a
| slippery slope.
|
| To keep in mind, on a pragmatic level, that this type of
| global can be trivially implemented, at a minimum, via
| atomics, so the cost to avoid the unsafe is near-zero.
|
| Atomics are not supported by all the platforms, but based
| on my understanding of their targets (x86-64), they're
| supported.
| FreeFull wrote:
| At the very least, I would have used an AtomicBool rather
| than a static mut. See https://github.com/rust-
| lang/rust/issues/53639 . As a bonus, AtomicBool doesn't
| require any unsafe code.
| staticassertion wrote:
| It's not that big of a deal tbh and I'm actually not sure
| there's even a practical safety issue, though there could be
| bugs if the compiler makes some optimizations based on that
| (unlikely imo).
|
| AFAIK on any typical platform there's no way you'd have
| "tearing" for a single byte ie: this will never store an
| invalid boolean representation.
| Snuupy wrote:
| They're locking features (like encryption?!) behind a license.
|
| Who knows what other essential features they might put behind a
| paywall. Their licensing fees aren't even released yet.
|
| Seems sketchy to me. I'd stick to meshcentral.
| Oxodao wrote:
| Finally! I was looking for something like this for a long time.
| The closest is MeshCentral but it seems to expect the target
| computers to stay in the web panel, I needed something like this
| for quick remote assistance, not having to keep everyone's
| computer in a list. Looking forward to try this in the near
| future
| lapser wrote:
| I tried this as an alternative to teamviewer not long ago to help
| my dad with something. He runs a little bit of an older macOS
| version because reasons (I'm a bit wary upgrading it because
| another newer macbook my mum owns basically said the device is
| unsupported when I upgraded to the latest version).
|
| Rustdesk refused to install because the macOS version was too
| old. Until Rustdesk runs on many OSes, especially older OS
| versions, it will be hard to use.
|
| Mind you, it's not entirely clear what OS versions are supported
| from the website, so I went through a lot of trouble to get my
| dad to try and install it, only to then be disappointed.
|
| I have hope though! It looks great so far.
| telesilla wrote:
| We've been using RealVNC's Instant Support
| (https://www.realvnc.help), it's been the easiest we've found yet
| that matches the level of complexity customers can handle. We'll
| check out Rustdesk, as the Web interface would make it even
| easier for the team to jump on for help when on the road.
| mwcampbell wrote:
| I want to counter the prevailing negativity in this thread. I
| admire the pragmatism of this project. The developers are clearly
| willing to work hard to achieve what they value, such as
| producing a single self-contained executable on Windows. But
| they're also unafraid to take pragmatic shortcuts where they feel
| that it's OK to do so.
|
| I wonder if the fact that the original author comes from the
| largest non-English-speaking population in the world [1], a
| population large enough to have its own distinct software
| development culture, is relevant. I'm guessing that they don't
| routinely participate in our English-speaking software
| development communities. If that's so, then they're not exposed
| to our norms or the constant negativity of our online discourse.
| Perhaps that's liberating. Perhaps we need more independent
| cultures, doing their own thing with no regard for what we think.
| In any case, for me, software developed in China, such as this
| project and Zoom (particularly the Windows client), provides an
| interesting peek into what Jimmy Maher called a mirror world [2].
| It may trigger our natural discomfort with foreignness, but some
| of the differences from the typical American commercial software
| culture, such as a continued willingness to develop bloat-free
| native Windows apps, are refreshing.
|
| [1]: https://news.ycombinator.com/item?id=31457771
|
| [2]: https://www.filfre.net/2017/06/tales-of-the-mirror-world-
| par...
|
| Edit: If anyone thinks what I said is offensive, please let me
| know, either publicly or privately. I tried to approach a
| delicate topic without offending, but I'm not sure if I
| succeeded.
| traceroute66 wrote:
| > It may trigger our natural discomfort with foreignness, but
| some of the differences from the typical American commercial
| software culture
|
| I have to say, this phrase just struck me as pure arrogant
| xenophobia.
|
| Like most people on here, I'm sure I can safely speak for the
| majority when I say there is plenty of shit American commercial
| software out there. The patriotic US flag waving and "made in
| US" does not automatically make it the best software.
|
| Also many organisations, especially in Europe, will almost bend
| over backwards to avoid being tied too much to the US because
| of what the three-letter-agencies get up to, and the anti-
| foreigner legislation that supports them.
|
| The recipe to get rid of that "natural discomfort with
| foreignness" that yanks have is simple: Most Americans just
| need to get out more ... get that passport that so few of you
| have and spend some proper time outside US borders (and no,
| trips to Canada don't count, and likely neither does Mexico).
| mwcampbell wrote:
| I'm sorry. I'll be more careful next time. I do have a
| passport, but I haven't yet used it.
|
| Edit: However:
|
| > Like most people on here, I'm sure I can safely speak for
| the majority when I say there is plenty of shit American
| commercial software out there. The patriotic US flag waving
| and "made in US" does not automatically make it the best
| software.
|
| As someone who happens to be American, I emphatically agree.
| I regret that I didn't make this clear in my original
| comment. I meant to say that I think projects like Rustdesk
| and the Zoom Windows app are _better_ than a lot of American
| crap in some important ways. I was trying not to be arrogant,
| but clearly I failed.
|
| Edit 2: As for xenophobia, yes, I'm prone to it. I thought
| that was a natural human tendency, not peculiarly American,
| but I could be wrong.
| Hnrobert42 wrote:
| I think you misunderstood GP's comment. Also, it is odd to
| see such stereotyping used to substantiate a criticism of a
| comment as xenophobic.
| iforgotpassword wrote:
| Even though this might add more negativity, when it comes to
| commercial or at least closed source software, I can attest
| that "China is worse". I don't think that transfers over to
| their open source community though. For one thing, one of the
| reasons it exists is because those people are fed up with the
| practices of the commercial players in China. Plus, even though
| there is the language barrier, they are still exposed to the
| Western open source community, so at least some of our views
| and practices might have made it over.
|
| I think the "trample the users gdm config" issue for example
| might be a small influence from the Chinese proprietary
| software world. A quick and dirty fix. At least there was some
| message in this case. Usually, proprietary Chinese software
| doesn't even ask. There was some wild stuff going on in the XP
| days.
| smarx007 wrote:
| Poor translation maybe too? See
| https://news.ycombinator.com/item?id=31456645, "with no
| concerns about security" sounds quite different from "don't
| have to worry about security".
| tikimcfee wrote:
| If I may add a little to this:
|
| I am a native English speaker living in the USA.
|
| I constantly feel belittled, undermined, and shunned by the
| technically literate - especially the hyper technically
| literate - because of the exact negativity you're talking
| about. I can only imagine the level of shock someone who hasn't
| built up calluses to the mentality would feel.
|
| The negativity is most often this kind of discourse. How gizmo
| x wont possibly fly because of some rules and general ideas,
| and how this person's other gizmo is really the bar to meet,
| and everything else is not worth their time.
|
| I cannot impart to you how terrible I felt for months thinking
| that I was such a bad engineer that I couldn't stand up a
| simple web server on a droplet. I felt like "it's just so easy
| and obvious" and I gave up multiple times.
|
| This may be crusty software by some people's standards, but I
| challenge those same people to put down their high projects,
| spend 10 minutes writing an issue, or even a weekend with a PR,
| and dropping this whole schtick of "lol look at the bad
| developers doing bad things."
|
| This comes off as damning and condemning, and it is by intent,
| but it's also a cry for help.
|
| If you are technically literate enough to identify issues in
| something technical.. be the person that shares that
| understanding freely, instead of holding it like a bar of
| achievement.
| zacmps wrote:
| There are examples elsewhere in this thread of Rust code which
| is obviously incorrect (static mut values not protected by a
| mutex).
|
| I would not put any faith in the security of this software,
| which for remote desktop, is a problem.
| Hizonner wrote:
| > You have full control of your data, with no concerns about
| security.
|
| Hold me.
| bedros wrote:
| awesome from first try on Ubuntu 18.04 LTS and Mac, it even
| recognized that I have two screens and split them in the remote
| application 1-2 and can click on 1 or 2 to select what screen to
| show
|
| also, it has shrink feature to make bigger screen fit on the
| local screen
| denysvitali wrote:
| In case you're wondering, yes it's written in Rust :D
| c-smile wrote:
| As far as I can see it uses Sciter UI for clients on desktops.
| And that one is C++.
| wiz21c wrote:
| "you cannot borrow that session because it is already borrowed
| by another user" :-)
| titaniczero wrote:
| "explicit lifetime bound required", you poor soul
| metadat wrote:
| Any chance one of you kind rustaceans will fork this and
| implement a proper self-hosted encrypted server for this?
|
| And maybe some code comments?
|
| Sincerely,
|
| metadat
| metadat wrote:
| I believe the market really would be very receptive to this
| with better documentation and reasonably secure options.
|
| I.e. encryption and self-hosting capable setver and FW hole-
| puncher.
| 0daystock wrote:
| I couldn't find a single inline comment nor docstring in the
| code. I'm no Rust expert, but I know enough about software
| development to draw some conclusion about the qualifications and
| proficiency of the developers from this fact.
| holri wrote:
| I use RemoteSupportTool for years now and it works great. Simple
| VNC over SSL, with no configuration on the client side. No server
| necessary. https://github.com/OpenIndex/RemoteSupportTool
| Fnoord wrote:
| I use wayvnc for this purpose but its local traffic. I would use
| Wireguard for authentication secure communication.
| rmbyrro wrote:
| Was about to come here and ask the perspective from anyone
| experienced with cyber security.
|
| Then read this:
|
| > "... with no concerns about security"
|
| Nevermind. Might be the cynic or skeptic inside me, but it tells
| me these people are either careless, naive or ill intentioned.
| [deleted]
| ben-schaaf wrote:
| The Web beta being insecure http-only also doesn't inspire
| confidence.
| hnarn wrote:
| I'm not sure I feel great about a project written in rust
| using "rust" in its name like this, it seems pretty obvious
| to me that it's looking for free publicity simply because
| it's written in rust, nevermind how high quality the code or
| application is in the first place.
| ajsnigrutin wrote:
| this is HN, it's full ob publicity for projects that are
| just $old_existing_program written in $language_of_the_day
| Erlangen wrote:
| The author is Chinese. I found his post in Chinese forum 2
| years ago. https://www.v2ex.com/t/712086?p=1
|
| "... with no concerns about security" seems to be a bad
| maschine translation.
|
| The Chinese version says "(you) don't have to worry about
| security".
| rmbyrro wrote:
| That adds more perspective, thanks.
|
| Nevertheless, it still doesn't change my impression. I read
| it like "(you) don't have to worry about security". The other
| interpretation "we didn't worry about security" seemed too
| unlikely.
|
| It doesn't inspire confidence if they want me to be in a
| _relaxed_ position. I 'd expect them to raise concerns about
| security and take the initiative to show how secure their
| system is...
| mwcampbell wrote:
| Anyone know why the executable name of the Windows installer ends
| with "putes"? I get that it's "setup" backwards, but why
| obfuscate like that?
| dwattttt wrote:
| There's a compatibility hack in Windows that causes binaries
| with "setup" in the name to request administrator privileges,
| unless they embed a manifest that specifies they don't need it
| (last part slightly speculative)
| mwcampbell wrote:
| So I wonder why they obfuscated the executable name rather
| than adding the required manifest properties. I get that the
| overall negativity of this thread led me to look at this with
| extra scrutiny, but wouldn't the unknown word "putes" in the
| executable name make anyone suspicious?
| debugnik wrote:
| Worse than unknown, it actually translates or sounds really
| close to "whores" in several languages. Really unfortunate
| workaround.
| ComputerGuru wrote:
| The manifest needs to be embedded with the MS build tools
| (which aren't available for cross platform builds) or
| separately as myfile.exe.manifest (making it no longer a
| single-file download).
| mwcampbell wrote:
| On further investigation, the executable already has a
| manifest in it. I believe the missing bit of XML is this:
| <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
| <security> <requestedPrivileges>
| <requestedExecutionLevel level="asInvoker"
| uiAccess="false" />
| </requestedPrivileges> </security>
| </trustInfo>
|
| No, I don't know where that's documented. I pulled it out
| of the manifest of an existing installer.
| mastax wrote:
| I hope this succeeds. Remote desktop sounds like an easy problem
| and there are many implementations, but most of them don't work
| well in practice. TeamViewer works very well, but the company is
| a bit scummy and the pricing is crazy. Windows Remote Desktop
| works well between Windows machines, and with Tailscale it's
| pretty convenient. I use PulseWay at work and their remote
| control is quite barebones and very slow, even in good network
| conditions. I remember trying all the open source VNC
| clients/servers I could find a while ago and was disappointed.
| jeroenhd wrote:
| Sounds great! Even comes with a rendez-vous system so you don't
| need to mess with firewalls (like you need to with VNC and such).
|
| I can't read anything on the front page though, the website shows
| up light-grey-on-white. Is that just me? Did the CSS fail to load
| somehow? Edit: never mind, the CSS sets the text color to #999
| and a font weight of 200 for many elements. Apparently that's
| intentional. Going by the font list, I'm guessing the theming was
| tested on macOS and made to look nice without testing if the
| fallback fonts were even readable in the slightest.
| tveyben wrote:
| A few days ago there was a story here at HN about a chrome
| plugin that fixes exactly those problems by making the fonts
| show as black and thus restoring a useful contrast.
|
| I can't remember the name (it was just two letters, like 'SD'
| or such) and I forgot to bookmark it as well...
|
| Update: Found the thread
| https://news.ycombinator.com/item?id=31444913
| ushakov wrote:
| it's same on macOS though
|
| i think some frontend engineers/designers might have
| misconfigured screens
|
| otherwise i can't understand why setting right contrast is so
| difficult
| pmontra wrote:
| Yes, it's almost white on white. The text on the server
| installation page is OK.
| [deleted]
| benbristow wrote:
| Looks neat.
|
| The cynical side of me wonders when the scammers are going to
| set-up their own servers for this though and start using it
| instead of AnyDe(x/sk)/TeamViewer. No way of being reported then
| other than the IP to the server host themselves.
| jeroenhd wrote:
| I'm sure they do once they realize they can, but on the other
| hand, there are lots of bad things you can do with any open
| source products. nmap can be used to evaluate your firewall or
| it can be the first step in taking down critical government
| infrastructure.
|
| I don't believe that reporting scammers to remote support
| companies has ever been effective in the fight against these
| people, especially with the local police departments near the
| scammers' offices taking their sweet time to respond to any
| outcry about them.
|
| The sad reality is that less than a week after scammers find
| out about this tool, the Windows binary will probably be
| flagged by every single AV engine out there.
| 2Gkashmiri wrote:
| Been using anydesk religiously for the last 2 years and the
| increasing ads starting with chrome banners and more recently the
| "pro" use, I started using rustdesk.
|
| This is really great.
|
| I dare say the performance is "better" than anydesk, nothing
| objective or I could measure. Maybe its me wishing it be as
| prevalent and more than anydesk/tw
| judge2020 wrote:
| Unless this has changed, RuskDesk seems to require a TURN/ICE
| server to connect at all- you can't directly connect via IP. This
| would be fine if you could run your own, but you can't:
|
| Open home page, "please set up your own server" Click link,
| second line "Note: You need buy license When using this software"
| Click link, "Currently we are not selling server licenses as we
| are working on a new version of the server. "
|
| Combine this with the default server being slow and it's
| unusable.
| hda111 wrote:
| Isn't it the point of software like this, to connect through
| firewalls? Never saw an option like this in TeamViewer or
| AnyDesk.
| smarx007 wrote:
| What's this then? https://github.com/rustdesk/rustdesk-
| server/releases
| judge2020 wrote:
| The code and those binaries were uploaded 9 days ago so i'm
| glad to see it's available now.
| valiafetisov wrote:
| I like how the screenshot on the main page shows "Not Secure" for
| the browser window with web.rustdesk.com. This one detail makes
| me sceptical of the whole product (:
| milosmns wrote:
| They do clearly state that the Web component is in beta
| (realistically alpha or dev), so it's probably fine to be not
| secure during QA
| hnlmorg wrote:
| In the days before free SSL certificates I might have agreed
| with you. But these days I'd expect even dev environments to
| be secured.
| muhehe wrote:
| I disagree. It means that security is an afterthought which
| will be "added" later to the product to check the "secure"
| checkbox.
| staticassertion wrote:
| Not necessarily. You can design your system's security and
| then implement your features first. A good example would be
| "we know we need TLS, let's get a non TLS version up first
| and then add it before release".
|
| Pretty typical imo
| muhehe wrote:
| I'd say it pretty typical prequel to "we intended to
| implement TLS, but then we forgot/were busy/attacked by
| medusas/.../had different prioritises"
| staticassertion wrote:
| Sure, but I don't think there's anything inherently wrong
| with incremental security.
| muhehe wrote:
| I guess we won't agree on this. In my experience this is
| the sort of "good programmers don't do mistake X". Though
| technically possible, unreliable in reality.
| user3939382 wrote:
| My use case for this type of software is helping older,
| technically-illiterate friends and relatives.
|
| The biggest challenge for this group is getting them to: Find the
| website for the tool
|
| Find the download button
|
| Find the file in their downloads
|
| Run it so they can give me the connect number
|
| What the tool can do to help is make the website very distinct so
| I can be sure from a verbal description they're on the right
| domain, have an in-your-face download button, and have 0 install
| or configure steps upon launch.
| jenscow wrote:
| I've found using tinyurl (or hosting/redirecting the download
| page yourself) is generally best for that.
|
| I use AnyDesk - it was the first one I found which requires no
| installation (and when I got access, I added a link on the
| desktop and start menu). However, it requires extra clicks to
| access sensitive things (device manager at least).
| user3939382 wrote:
| AnyDesk is also what I use at the moment. It's pretty good
| for this use. There are fake/scam AnyDesk sites with virus
| downloads so I have to be careful to check which site they
| arrived at. Tinyurl isn't a bad idea.
|
| The only real problem I face is macOS requires these screen
| recording/accessibility permissions for the connections to
| work on some versions and it's extremely tedious to walk
| someone through setting those verbally.
| dementik wrote:
| I have been using TeamViewer for this specific case, helping
| out (usually older) people with their computer issues.
|
| I have struggled with this very same problem, and finally using
| some short url for downloads. Helps a little bit.
|
| But one funny story related to this: I was helping one
| gentleman and i told him on the phone that he should go to "www
| dot teamviewer dot com" . He had not used that before and his
| English skills were non-existent.
|
| He had trouble finding Download -button from the site and that
| time Teamviewer.com had young female model stock photo there. I
| asked him - to confirm that he is on the right website - like
| "Do you see there that brown haired cute girl?". He answered:
| "Yes, and few blondes.".
|
| I asked him to read address line for me and it was
| "teenviewer.com".
|
| After few corrections to the url we finally got Teamviewer
| installed.
___________________________________________________________________
(page generated 2022-05-21 23:01 UTC)