Have to wonder if this is linked to this interesting story from yesterday: http://www.abc.net.au/news/2018-04-06/porn-site-pornhub-displayed-on-perth-yagan-square-touchscreen/9624428
NUC, NUC! Who's there? Intel, warning you to kill a buggy keyboard app
Intel has made much of its NUC and Compute Stick mini-PCs as a way to place computers to out-of-the-way places like digital signage. Such locations aren’t the kind of spots where keyboards and pointing devices can be found, so Intel sweetened the deal by giving the world an Android and iOS app called the “Intel Remote Keyboard …
COMMENTS
-
-
Friday 6th April 2018 09:46 GMT K
Re: VNC on Linux???
2 words - Chrome RemoteDesktop .. OK, maybe that should be 3 words.
It works great, I've got a couple of VMs at home that I use for development (Linux / Python IDE etc) and couple of build boxes for my open source projects. I can access these boxes from anywhere in the world, do a bit of coding etc, all without the faff.
Though I should stress, these boxes sit in a segmented network. with a next-gen Firewall sitting in front of them.
-
Friday 6th April 2018 08:12 GMT Adam 52
VNC
Maybe it's just me, but I've never managed to get VNC working properly. I can just about get the console to display remotely on a good day but if I try to spawn a new desktop for each login I always end up with people seeing each others desktops or not being able to get back to their old one. And you have to create huge great holes in the firewall. Then when it is connected it's really sluggish. OK for some remote admin but not really usable for day to day work.
I don't suppose there's a Linux rdp server is there? A quick search didn't find one.
-
-
Monday 9th April 2018 06:34 GMT Paul 129
Re: VNC
X2go was another interesting system (did have issues with apps using opengl, but could just about watch movies over it). I find myself using xrdp at the moment though.
Also note there are a number of interesting python libraries to automate actions within vnc sessions.
Each solution, good in a number of ways, but no single one can do it all.
-
-
-
Friday 6th April 2018 08:47 GMT Anonymous Coward
Off topic but an interesting bit of Intel trivia
The Chinese phone manufacturer "Alcatel" aka "TCL" partnered with McAfee and Intel and created an Android application called "Hi Security Lite - Antivirus, Booster" which has recently won the (not so) prestigious Android Blacklist award at androidblacklist.org.
https://androidblacklist.org/2017/07/27/virus-cleaner-hi-security-antivirus-booster/
From what I've heard the Intel portion of the app was used to scan the users network connections and other internet related functions.
Portions of the apps TCL related software that was flagged as "snake oil" by androidblaclist.org was pushed on to users devices without warning or permission along with the now infamous Facebook Graph API.
-
-
Friday 6th April 2018 11:33 GMT Denarius
Re: VNC on Linux
Yes as this august publication stated a month or so back. What baffles me is that Intel owned a very good real time OS development tool in WindRiver systems or could use a well tested stable reliable realtime OS, QNX. Why use an OS theory training example ? Not knocking Minix either. Just is it the right tool for the job question ?
-
Sunday 8th April 2018 15:18 GMT DCFusor
xtightvnc or xrdp
Due to an autostart (systemD) issue when raspberry pies went to Stretch, I ran xrdp on a pi 3 b+ for awhile.
A very short while - it works, but it stinks badly - it's 10x (at least) slower than tightvnc, and just worse looking at equivalent quality settings.
My issue with vncserver being started endlessly in a loop by systemD when started the "old safe way" was fixed by making a desktop file in /etc/xdg/autostart and I'm glad to be back to that - it works great and works with most of the vnc viewers out there. I use Remmina on Linux usually.
RealVNC, bundled with the pi, is a piece of crap that only works with their viewer, which in turn only works with their server. With the 10's of pies around here automating things, no way am I going with something different for each one...especially not something that kinda begs for bucks to work right.
Yes, tunneling though SSH works, especially if you're willing to do the new almost-required key set foolery. Not much point if you're just going to say "ok, just connect unverified" anyway.
-
Sunday 8th April 2018 19:58 GMT Deltics
Why not simply make this vulnerability abundantly clear and then leave users to make up their own minds ?
I have a NUC which is in an accessible situation in my living room and I use this app for convenient control from my phone without having to reach for RDP via a laptop and or struggling with the non-mouse/soft-keyboard disconnect that a tablet provide. Plugging in a mouse and keyboard into the front-firing USB-A's is easier than that.
Which also provides an attack vector for anyone wishing to "inject keystrokes" or indeed mousey gestures, that removing this app will not address.
Yes, if anyone can get on my wifi from outside the house then this is a greater attack surface than physical access to my NUC, but securing my wifi is a separate problem which, if adequately addressed, surely renders attack vectors which depend on that access moot ? No ?