Windows Vulnerability Released - Remote Desktop Users Beware - Chris Titus Tech
video description
Date: 2022-03-21
Related videos
Comments and reviews: 10
Serge
I was called to a shop to look at their computer that was stopped working. At 1st sight it was the power supply that died. I replaced the power supply and booted up the PC. I saw the bios screen and after 3 minutes staring at the bios screen, I tought something was wrong. Entered the bios and everything seems find. Reboot the computer and left it with the bios screen and waited. After 7 minutes the PC started Windows XP. This PC was connected to the internet and remote desktop service was running. When I told this was very insecure and they should upgrade the whole PC, the answer was : the owner of the shop is 76 years old and don't want to upgrade because everything worked fine and she could connect to the PC to control everything. No way to convince her to upgrade. She won't spent money for a new computer. Lucky for her I'm a nice guy, because I could easy hack the computer. But I'm sure, some day, a not so nice guy will have access to her computer. -Wat baten kaas en bril als de uil niet zienen wil- is a dutch proverb (What are the benefits of candle and glasses if the owl does not want to see) In Dutch, an owl stands also for a dumb person.
reply
I was called to a shop to look at their computer that was stopped working. At 1st sight it was the power supply that died. I replaced the power supply and booted up the PC. I saw the bios screen and after 3 minutes staring at the bios screen, I tought something was wrong. Entered the bios and everything seems find. Reboot the computer and left it with the bios screen and waited. After 7 minutes the PC started Windows XP. This PC was connected to the internet and remote desktop service was running. When I told this was very insecure and they should upgrade the whole PC, the answer was : the owner of the shop is 76 years old and don't want to upgrade because everything worked fine and she could connect to the PC to control everything. No way to convince her to upgrade. She won't spent money for a new computer. Lucky for her I'm a nice guy, because I could easy hack the computer. But I'm sure, some day, a not so nice guy will have access to her computer. -Wat baten kaas en bril als de uil niet zienen wil- is a dutch proverb (What are the benefits of candle and glasses if the owl does not want to see) In Dutch, an owl stands also for a dumb person.
reply
ChristopherCobra
Edit: Now that I have read more - I do not think disabling remote desktop will totally work - get the update.
The way I read this - it is not exactly -bugs- as much as it is sloppy (but the news is confused - so maybe I am wrong). 3rd party drivers sloppily written, approved by MS, that allow for user elevation and then access to functions like the remote services (any of them). Linux is inherently more secure than Windows because of the archetype in place - but they should not be cocky about this in light of recent events. Just my opinion - I probably missed something - but the recent Gnome/KDE issues are not that different - other than in the Windows case - a trusted party could open the hole (far less likely for -nix). BTW - win 8 users/hkrz - despite what MS says - you are vulnerable with remote services enabled. But of course you have them disabled. That's why you are using - :) EDIT - and a Day later there is an update for my 8.1 systems. Imagine that.
reply
Edit: Now that I have read more - I do not think disabling remote desktop will totally work - get the update.
The way I read this - it is not exactly -bugs- as much as it is sloppy (but the news is confused - so maybe I am wrong). 3rd party drivers sloppily written, approved by MS, that allow for user elevation and then access to functions like the remote services (any of them). Linux is inherently more secure than Windows because of the archetype in place - but they should not be cocky about this in light of recent events. Just my opinion - I probably missed something - but the recent Gnome/KDE issues are not that different - other than in the Windows case - a trusted party could open the hole (far less likely for -nix). BTW - win 8 users/hkrz - despite what MS says - you are vulnerable with remote services enabled. But of course you have them disabled. That's why you are using - :) EDIT - and a Day later there is an update for my 8.1 systems. Imagine that.
reply
Perhaps
Chris, I plan on switching over two laptops from Windows 10 to one of the Linux distros. Neither of these laptops are on the internet. Their only network is with each other, via an Ethernet cable.
I use Remote Desktop between them all of the time, and am looking for a good Linux substitute. Any suggestions?
Note that the server side needs to send over only the video; the audio should remain local on the server (the server feeds, via a USB cable, digital data to a -digital to analog converter- (DAC), as a music transport).
Someone suggested that VNC would do the job. Do you concur? I value your advice.
Note that these laptops will probably never see the internet. The distros will be loaded via a USB stick, as well as the JRiver Media Center app, as well as all musical file content. Updates will likely never be an issue, as this serves a single purpose (playing music, via local .flac files). Once it works, it should always work.
Thank you.
reply
Chris, I plan on switching over two laptops from Windows 10 to one of the Linux distros. Neither of these laptops are on the internet. Their only network is with each other, via an Ethernet cable.
I use Remote Desktop between them all of the time, and am looking for a good Linux substitute. Any suggestions?
Note that the server side needs to send over only the video; the audio should remain local on the server (the server feeds, via a USB cable, digital data to a -digital to analog converter- (DAC), as a music transport).
Someone suggested that VNC would do the job. Do you concur? I value your advice.
Note that these laptops will probably never see the internet. The distros will be loaded via a USB stick, as well as the JRiver Media Center app, as well as all musical file content. Updates will likely never be an issue, as this serves a single purpose (playing music, via local .flac files). Once it works, it should always work.
Thank you.
reply
George-Teodor
the reason why linux (or Mac Os) has fewer threads is because it isn't that popular,so hackers see more value hacking an windows than an linux.And plus,while linux is hard to hack,it is actually used to hack(pun intended) meaning that hackers prefer using linux over windows.This is because linux has more control than the other OSs,so now i can understand why windows or mac os don't have that much power,but the stuff that you can do is really easy.
PLUS who uses windows remote desktop when there are much better alternatives?
reply
the reason why linux (or Mac Os) has fewer threads is because it isn't that popular,so hackers see more value hacking an windows than an linux.And plus,while linux is hard to hack,it is actually used to hack(pun intended) meaning that hackers prefer using linux over windows.This is because linux has more control than the other OSs,so now i can understand why windows or mac os don't have that much power,but the stuff that you can do is really easy.
PLUS who uses windows remote desktop when there are much better alternatives?
reply
RanByMonkeys
It's been a while since I used windows (thank goodness). There are 4 or 5 different places in windows 10 you need to turn remote desktop off. That is a very large part why I quit using it. Windows or should I say (people who program windows) do not care what you want your PC to be able to do or not do. Deep in the guts of that program there are ways to use everything you checked to turn off. You aren't crazy when you think to yourself -I thought I disabled that- and there it is running wide open.
reply
It's been a while since I used windows (thank goodness). There are 4 or 5 different places in windows 10 you need to turn remote desktop off. That is a very large part why I quit using it. Windows or should I say (people who program windows) do not care what you want your PC to be able to do or not do. Deep in the guts of that program there are ways to use everything you checked to turn off. You aren't crazy when you think to yourself -I thought I disabled that- and there it is running wide open.
reply
Sebastian
The whole thing's been blown out of proportion. If you are not actively using RDP then you don't have to do a thing, because you haven't punch a hole in your router to allow traffic from the Internet into your LAN. If, on the other hand, you are using RDP, then you shouldn't have never exposed it to the Internet, and you should be tunneling it through SSH. In either case, I honestly don't see the point in turning this into a Windows vs Linux issue...
reply
The whole thing's been blown out of proportion. If you are not actively using RDP then you don't have to do a thing, because you haven't punch a hole in your router to allow traffic from the Internet into your LAN. If, on the other hand, you are using RDP, then you shouldn't have never exposed it to the Internet, and you should be tunneling it through SSH. In either case, I honestly don't see the point in turning this into a Windows vs Linux issue...
reply
Just
I-m suffering from this right now. This thing uses Remote Desktop with UAC to gain escalation privileges. And yeah Windows is a pain in the ass and I don-t understand why they allow certain files to be ON all the time. It-s really bad. It has gotten on all my devices etc etc. it-s insane. Trying to figure out how to kill it.
reply
I-m suffering from this right now. This thing uses Remote Desktop with UAC to gain escalation privileges. And yeah Windows is a pain in the ass and I don-t understand why they allow certain files to be ON all the time. It-s really bad. It has gotten on all my devices etc etc. it-s insane. Trying to figure out how to kill it.
reply
JAMplusPAW
Updating Windows 10 took several discussions with Microsoft. Finally I solved it myself by downloading from internet instead of the Windows settings update options.
Download and install of version 1903 took 12 hours. I am going to Elementary OS or Linux Mint Cinnamon.
reply
Updating Windows 10 took several discussions with Microsoft. Finally I solved it myself by downloading from internet instead of the Windows settings update options.
Download and install of version 1903 took 12 hours. I am going to Elementary OS or Linux Mint Cinnamon.
reply
BeInteractive
Oh YES! What crap the Remote Desktop version right now! It stopped working on my PC's ever since I did the upgrade. You were right about Win 10 v1903 being buggy! Why did MS not fix Remote Desktop right away!? Thanks for the tips Chris!
reply
Oh YES! What crap the Remote Desktop version right now! It stopped working on my PC's ever since I did the upgrade. You were right about Win 10 v1903 being buggy! Why did MS not fix Remote Desktop right away!? Thanks for the tips Chris!
reply
Capt1caveman
With these last vidz you released, I am starting to wonder if I'm not better off just playing my game in wine.... I play World of Tanks and it hasn't been ported to Linux yet... So I guess either using wine, or stop playing, huh?
reply
With these last vidz you released, I am starting to wonder if I'm not better off just playing my game in wine.... I play World of Tanks and it hasn't been ported to Linux yet... So I guess either using wine, or stop playing, huh?
reply
Add a review, comment
Other channel videos
