locked
Remote Desktop issues RRS feed

  • General discussion

  • I'm seeing some issues with the way Remote Desktop works today and I think one of them is a security issue.

    Assume I'm sitting at PC A and connecting remotely to PC B.

    1. If I select the "hide desktop on remote computer" option on PC A, the screen goes black on PC B but the mouse pointer is visible.
    Problem: For someone approaching PC B there's no indication that the machine is being accessed remotely. Instead it looks like the machine is hanging.
    Suggestion: Display a message, e.g. a Mesh logo and text "This computer is locked because it's being used remotely" or something like that.

    2. If the remote screen is blanked a user on PC B has no way to stop the connection, so remote access has precedence over local access.
    Problem: This could be a problem, especially if I forget to disconenct from PC A I can no longer use PC B. And a user looking at PC B doesn't even know who is connected remotely, so he can't contact me asking to disconnect.
    Suggestion: Show who's accessing the machine remotely, and a button to disconnect the remote user.

    3. If I select *not* to blank the remote screen and then return to the switch user/logon screen, there's no indication for a user at PC B that I can watch his screen.
    Problem: If a suer logs on at PC B I can spy on his screen and even take actions of his behalf. I find that dangerous!
    Suggestion: Display a prominent message, or always blank the local screen when someone is accessing the machine remotely. I think that showing the screen on both machine would be useful only in rare situations, like remote assistance.


    Stefan Krueger, Microsoft Windows Installer MVP, www.InstallSite.org
    Thursday, December 11, 2008 11:52 AM

All replies


  •  


    1. If something gets displayed on the remote machine, PLEASE make it something that is configurable (i.e. my own image or text) and moves around the screen. In my particular application, a lot of remote screens are LCD or plasma panels, and they get stuff burned in to them if it sits for long periods of time in the same spot. I'd like it configurable so that people who see this in a public place see something that fits the venue, and not the sort of "This computer is being serviced" message that gets your system's picture on failblog.org or something.

    2. I thought there was a translucent banner at the top of the remote screen that indicated which user was remotely connected. I haven't realy been at the remote computer side. And I thought Ctrl-Alt-Del could kick the attached user off.

    3. That's sneaky. See my comments above for how I _thought_ it worked. Maybe the wallpaper could be changed to indicate that the session is being remotely accessed/controlled.
    Thursday, December 11, 2008 5:59 PM