I logged into my live-mesh-connected desktop PC this morning to find Microsoft Word had been opened and a sentence pasted into a new document: "I was feeling under the weather all night and really wanted my bed.Sorry I bounced without a good bye, I bolted with little fan fare." I didn't do this myself, it has been done by someone else. I looked in the Edit menu to see that the text had been pasted ("Undo Paste" was the undo command). I had previously used the desktop about 18 hours previously for a different application, and that application was still open. But the Word was open on top, with that single sentence pasted into Document1. The PC in question is configured to lock after a few minutes of being idle, and so whenever I connect to it, either from Live Mesh or at the console, I need to type a password. The password is fairly secure, it is a dictionary word followed by a digit. Not a super-strong password, but not an extremely weak one either. There is no one else in the house who knows the password. It is clear to me that someone/thing connected to the computer remotely, fired up Word, and pasted in the text. The PC in question is connected to the internet via a NAT-ed router. I have wireless, but it isn't open, there is a password. I live in the suburbs with old folks all around, so I think that the chance of a wireless hacker finding my router, then finding my computer on it, is possible but remote. Live Mesh seems to be the likely weak link. Any thoughts? Any reading I can do anywhere about the security of Live Mesh?
Oops, my bad, you can ignore my original post. As it turns out, I had walked away from my PC for just a few minutes and another member of the household used Word to spell-check a sentence before entering it into facebook. They didn't realize they were using a remote device.
Anyone with access to your LiveID and password can, in theory, use Live Mesh to remote to any device in your Mesh that supports remote connections. So, it is imperative that your password be secure. -steve~ Microsoft MVP Windows Live ~ Windows Live OneCare| Live Mesh|MS Security Essentials Forums Moderator ~
Oops, my bad, you can ignore my original post. As it turns out, I had walked away from my PC for just a few minutes and another member of the household used Word to spell-check a sentence before entering it into facebook. They didn't realize they were using a remote device.
Mystery solved. :-) That's much better than being hacked! -steve~ Microsoft MVP Windows Live ~ Windows Live OneCare| Live Mesh|MS Security Essentials Forums Moderator ~
