Extension To Chrome Brings Remote Desktop Abilities 189
CNET reports that as of yesterday, a new Chrome extension will "let a person on one computer remotely control another across the network." The new remote-desktop capability is in BETA (Google's all-caps version, for emphasis), but is said to work to control any OS from any other OS, so long as both sides are equipped with Chrome and the new extension. Related: Wired is running a profile of
Rajen Sheth — "father of Gmail," and now in charge of Google's Chromebook project as well.
Yeah (Score:5, Insightful)
Sounds exactly like something I want my web browser to be able to do. What could possibly go wrong?
Re:Yeah (Score:5, Interesting)
It actually sounds brilliant. Normally I have to direct clients, friends, family to a remote-support site, direct them to download the generated .exe, and run it to allow me in (actually, I usually end up permenantly installing said agent). Think LogMeIn Rescue, or TeamViewer (we actually use Bomgar).
If this works as advertised, it could make things a whole lot easier. Combined with the fact that Chrome can be deployed as an MSI, and extensions can be pushed and locked with GPOs, this could make support much easier.
Testing it now, but sounds great.
Re: (Score:2)
In the past I have used MSN messenger for this purpose, mainly because they already have it installed. I will have a look at Chrome as an alternative.
Re: (Score:2)
I've been looking for something like this. It would be nice to run multiple computers in my house with a single keyboard, mouse, and monitor.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
If malware is running on your system, they already can do whatever they want, including download arbitrary code and run it. This doesnt really bring them any new capabilities.
Seems if you really wanted to control someones computer using malware, you would just do a reverse VNC connection-- doesnt require a mediation server in the middle run by Google.
Login Screen (Score:3)
This isn't going to be very useful if it requires a user to be already logged in to work.
If it lets the user login over the remote desktop connection, Chrome is going to need to be running as an Administrator.
Re:Login Screen (Score:5, Informative)
This isn't going to be very useful if it requires a user to be already logged in to work.
It has just that limitation:
Re: (Score:2)
It sounds like it could be an alternative to WebEx, for those who use it for remote support.
Re:Login Screen (Score:5, Insightful)
It sounds like it could be an alternative to WebEx, for those who use it for remote support.
It beats the hell out of trying to get most adults to follow simple verbal instructions.
Ever work a technical support job? After explaining to an otherwise educated person (i.e. educated stupid) for the fifth time that when you ask him to "right-click with the right mouse button" it is not the same as "double-click (with the left)" you start thinking about remote desktop yourself.
Thankfully that was a long time ago. After a while, you stop thinking of involuntary sterilization as a viable option.
Re: (Score:2)
After explaining to an otherwise educated person (i.e. educated stupid) for the fifth time that when you ask him to "right-click with the right mouse button" it is not the same as "double-click (with the left)" you start thinking about remote desktop yourself.
Three cheers for the CLI !! You IM the luser commands to run and have them paste in the results.
Re: (Score:2)
I've had one user who was amazed by my techno-skills when I opened the documents folder. Turned out she had spent the last two years managing documents by opening Word, selecting Save As and using the save dialog as a file manager.
Re: (Score:2)
To be fair, I'm a programmer, a user of both Linux and Windows, capable of fixing minor kernel bugs, and have about 30 years of experience with various user interfaces, regularly confuse people because of how fast I use most interfaces, and it took me a short while to work out that the marble thing in Office was the menu. When you're used to the menu being in the ... menu bar (who'dathunk!) when it suddenly vanishes and gets replaced by the ribbon, you're inclined to think that that's where all the menu ite
Re: (Score:2)
I get people freaking out from time to time thinking their documents are gone because they're trying to find a PDF in the Word open file dialog.
Another one had me stumped for a while trying to track down her "missing" files. They turned up in her Favorites folder, cause they were her "favorties."
Re: (Score:2)
Re:Login Screen (Score:4, Interesting)
This time it isn't the user's fault, it's you who misunderstands him. He's left handed, the right button is under his index finger. His right button is your left button.
My former gf is a lefty, and I went through the same thing. The terminology is at fault -- rather than "right click" the term should be "middle finger click".
Re: (Score:2)
The index finger on your left hand is the right finger. The index finger on your right hand is the left finger. If your mouse is in your left hand, your index finger is on the right button.
Re: (Score:2)
Someone else set the mouse up before I met her.
Re: (Score:2)
"OK now just right click that icon" ...'but I'm left handed'
"No, take your finger and push the button on the right side of the mouse once and hold it down.. what do you see?" .." My email browser explorer express just started up"
"no you clicked the LEFT button.. i want you to click the Right button!.. don't you know left from right"
"...hey don't get mad at me i'm not a computer EXPERT like you!" ...20 minutes later...
that's click it TWO times .. double click means TWO clicks"
"...hey don't get mad at me i'm not a computer EXPERT like you!" ....
Yeah, that's about how it goes. The ability to rub two brain cells together is suddenly defined as expertise...
I wonder, when a doctor writes a prescription and says something like "take this pill once a day", does anyone reply with "but I'm not a medical EXPERT like you!"?
Re:Login Screen (Score:5, Interesting)
I presume you mean "this isn't going to be very useful to me".
I have supported loads of people who just need assistance doing something on their computer. Almost everyone bar you has helped family and friends with various computer tasks.
Sure you can do this with some existing technologies, but they tend to be either complex to set up or limited to a specific platform.
I'm sure that, if they can keep it secure, a free, easy to install, multi-platform remote desktop solution will be attractive to many on /.
Re: (Score:2)
It would be nice to be able to access my main computer at home from my netbook when I'm drinking at a bar.
Re: (Score:2)
They can be a PITA to walk people through getting to. A lot of the requests I do, 1/3 of the time is spent getting the remote person to get to the right site and click the right thing.
Re: (Score:2)
what I find to work is a combination of join.me and teamviewer. https://join.me/ [join.me] is dead simple to get people to do "click the orange circle on the left...yes it to death until it gives you a nine digit number...what's the number...say 'yes' to let me remote control..." and then use that for userland stuff. One thing that join.me doesn't deal with well is UAC prompts - namely that it doesn't allow users to click on them, since it's sandboxed similar to the browser. If you're only going to hit one that isn't
Re: (Score:2)
This isn't going to be very useful if it requires a user to be already logged in to work.
Why not? It sounds like its directed at aiding with remote tech help requests-- think "family and friends are having issues", and this lets you log in and help them.
Re: (Score:2)
This may not be your site, if you think your web browser will let you log into a computer? You might want CNN.
Re: (Score:2)
No, because access to the login screen requires admin (or possibly SYSTEM) rights, at least in Windows (and I would rather assume any sane OS).
Re: (Score:2)
How do you propose an unprivileged process give itself privileges to do so? Does it just say "please" and the OS security subsystem just goes "OK"?
Last I checked, all major OSes out there require some kind of an interactive elevation (UAC, gksudo/sudo, whatever you call the thing OSX does) in order for that to happen.
Re: (Score:2)
Remote assistance runs as the logged in user, last I checked, and has no access to the login screen.
UAC doesnt just grant the user admin rights. They need to have an admin account, or know the password to one.
I think we are arguing different things, honestly, I am aware remote desktop control is possible without admin (VNC, LogMeIn, etc etc etc).
Re: (Score:2)
Don't forget that LogmeIn and VNC used to require reboots on Windows.
They, and other non-MS remote control software need to run as admin at least once, so they can inject screen-mirroring drivers. The talking to the driver happens from non-admin mode later, but it only takes one admin session to infiltrate your system and work from there, if there's ANY malicious intent.
But back on topic, remote control isn't for the BLIND by any means; it MUST relay your screen by using "screen-mirroring" which requires vi
Re: (Score:2)
Thats not 100% accurate, we use Bomgar remote support which allows non-admins to run an agent to give us user-level access to their screen, remotely, even if it is our first time accessing said system. We also trial ran LogMeIn Rescue 2 years ago, which likewise did not require admin rights even for first time access-- even on Windows 7. However, in order to have access to the login screen, we would have to press a button to request UAC elevation.
Pretty much all big-name remote support tools are like this
In other words (Score:5, Insightful)
Why get excited over stuff we could do years ago? (Score:2, Insightful)
Something else that I just don't get with "technology" like this is how it's mistakenly seen as "innovative" because it somehow involves a web browser, although it's something we have been able to do for decades using other software.
This is basically the same as telnet, or rsh, or ssh, or VNC, or the many other technologies that do the same thing. Fuck, this is something we could even do in the browser years ago! I remember using a Java applet that let me connect in to computers at work using ssh or VNC. Th
Re: (Score:3)
Because the people (read: clueless lusers) we were trying to help years ago had no SSH or VNC server installed, nor NATed ports on their routers to make it work.
Now all (s)he needs is to have the browser installed, which (s)he might very well have already. It's very, very different, albeit not in a technical way.
Re: (Score:2)
Me then: Hey grandma, go to this URL and download and install VNC.
Me now: Hey grandma, go to this URL and download and install Chrome.
Not seeing how the authentication works yet, I'm guessing VNC might actually be simpler.
Re: (Score:2)
VNC will need you to walk grandma through a reboot, through configuring VNC, through configuring a port on her router, and then through turning VNC server off afterward to close the security hole.
Chro-mote will just need her to download and run a program, and then visit a particular URL, and maybe read a number to you over the phone. The lack of router config I think, is the biggest win here ; people are used to links, but not arcane looking network settings. She might not even know which IP address her rou
Re: (Score:2)
I run a website for a small theater company. The audience is anything but technical. Yet 40% runs Chrome.
Re: (Score:2)
+1. The C.S.-101 catchphrase would be 'what is old is new again'. In a related vein, the computer developer in me was hit by Steve Jobs death, regardless of the fact that much of his modern fame involved not the main innovations, but rather polishing and driving them to market with a coherent vision (and the power that a deep bank account provides didn't hurt his odds either). I.e. the ipod was a brand of mp3 player, not a music playing device invention. Likewise this latest google gadget is a brand of
Re:Why get excited over stuff we could do years ag (Score:4, Interesting)
As an Archos Jukebrick fan myself, the innovative part that the iPod brought was bringing the technology to a functional level of convenience. The iPod was the first one that fit in your pocket.
I'm not going to be able to explain to my mother how to get an ssh server up and running on her machine. But getting Chrome installed with an extension? That I could believe.
The key is *enabling.* Twenty years ago, setting up an FTP based home file synchronization service was technically possible. But it was a huge PITA. DropBox automated everything with a simple single login. Similarly, simplifying VNC into something that everyone already has. That means that people who wouldn't have exposure to remote control, now do.
Re: (Score:2)
"As an Archos Jukebrick fan myself, the innovative part that the iPod brought was bringing the technology to a functional level of convenience. The iPod was the first one that fit in your pocket."
I owned a rio800 in 2001. Not much longer or thicker than its power source, a AA or AAA battery (I think the former, but thats still smaller than a deck of playing cards, and probably half the weight). I still would prefer to be able to carry bog standard extra power cells like a AAA to power my player, though my
Re: (Score:2)
The Rio800 was a flash-based player. A solid one... I had a Rio PMP300 and 500 as well, and gazed longingly at the Rio 800's 128MB of space. But the original iPod had a micro HDD, up until then only used in photography, which started at 5GB of space. They definitely were the first to jump down from notebook hard drives to micro drives, in order to get a HDD based player into your pocket.
The signature scroll wheel is also easier to navigate large lists of songs with. And Apple was the first to integrate
Re: (Score:2)
"The iPod won because Apple took a niche technological gadget,"
That is the key point of our disagreement I think. What you describe them doing to what you describe as a 'niche tech gadget', I would alternately call the blazing obvious happening to the blazing obvious mainstream device. There was nobody who in y2000 and much earlier, did not see that computer memory and processing devices were shrinking, and that as you could now have a music system in a PC size device, that eventually you would have one i
Re: (Score:2)
the whole idea of which was called VNC and was originally designed by At&t!
Re: (Score:2)
well the point was Google is once again doing something that was tried before in the past. sorry i was wrong about who gets credit for the idea... it just was VNC was my first remote graphical terminal/desktop sharing app. and it was called a virus by av scanners.
Re: (Score:3)
In other news a computer companies continue to provide users with a button to turn their computers on despite the obvious security risks introduced when the machine is running.
Everything is a security vulnerability. An OS is a vulnerability. Having a computer connected to the internet is a vulnerability. A web browser is a vulnerability. Even your post and the fact it was modded insightful is a vulnerability to the sanity and common sense of people reading it.
Re: (Score:2)
i realize you were being rather sarcastic, but there's a difference between "There is an attack surface that, given enough time, a determined hacker can exploit" and "there's an exorbitantly easy exploit being built directly into the browser".
Re: (Score:2)
"there's an exorbitantly easy exploit being built directly into the browser".
I wasn't being sarcastic at all. The parts of our lives that have been most helped by the emergency of technology are the most easy to exploit. They are all born out of convenience and interconnectivity.
My point is if you want security they you may as well give up many of the useful functions of your computer. You plug in a Windows XP machine to the internet and it gets owned before you even have a chance to load up the windows update server. Yet here we have a extension, unlikely to be very widely used, co
Re: (Score:2)
If your concern is that the remote access software might be able to be used without a valid auth code, why wouldnt that apply to solutions like TeamViewer? Or RDP? Or VNC?
Or is your concern that its "within a browser", and thus inherently must be insecure?
Re: (Score:2)
In a nutshell, yes. One great way to take relatively small security concerns and greatly magnify them is to have a single application that tries to be everything and do everything for everyone. The browser is involved in too many different things as it is. As it becomes more and more central, it is also a more and more tempting target. A worst-case compromise now has fewer barriers in terms of the damage it can do.
I
Re: (Score:2)
Except that to all appearances this requires the user to go to a specific web site (or somehow generate a control code) and explicitly allow the connection. It's still not without some security concerns I suppose, but it would require a fair amount of fooling both Google and the user to abuse it. Mostly I can see it as being a great way to help friends/relatives with their computers. As a double plus good you can help your mom with her Mac from your Windows box, or your dad with his Windows box from your
Re: (Score:2)
In a nutshell, yes. One great way to take relatively small security concerns and greatly magnify them is to have a single application that tries to be everything and do everything for everyone. The browser is involved in too many different things as it is. As it becomes more and more central, it is also a more and more tempting target. A worst-case compromise now has fewer barriers in terms of the damage it can do.
If you are (implicitly, of course) saying that adding remote access to an already complex Web browser has absolutely no security implications whatsoever and no amount of caution could possibly be reasonable, well, I say that statement carries with it a burden of proof. Until you demonstrate otherwise, that positive claim is rightly considered false.
Those who disagree with you by default are merely being sensible.
Hmmm. Isn't "a single application that tries to be everything and do everything for everyone" a reasonable description of the OS? I'm not attempting a reductio ad absurdum, but it seems to me your (legitimate!) concerns over the security issues involved when you start adding functionality to software had to be solved for the OS, and those lessons can be applied to the browser.
Re: (Score:2)
Once again, if your browser is exploited to the extent that the attacker can invoke that remote access plugin unauthorized, the battle is already lost-- they are running arbitrary code and could if desired download that plugin or another userland program on demand.
Re: (Score:2)
We are moving into another scary world with very little forethought. We are putting all our data online with free services without thinking deeply about securing that data. This is like when we hooked our computers to the internet without knowing that we were exposing ourselves to every two bit sc
Re: (Score:2)
It's an extension. If you don't like it, or need it, don' t install it.
Re: (Score:2)
Google is just catching up to Microsoft. Windows has had this capability for many years, of other people remotely accessing it. In fact, Microsoft has even had to apply major resources to reducing access to this feature, due to overwhelming demand.
Does Microsoft's solution work even over the Internet, when both machines are behind firewalls? How about when the machines are running different operating systems (i.e. not Windows)?
Re: (Score:2)
No and no. It only works in Macs, or on Vista or later, No XP, no Linux, according to what you linked to.
Last I heard, half the computers on the planet still run XP.
Re: (Score:2)
Interesting, thanks.
Still no Linux support, though, so it wouldn't be much use to me, while the Chrome extension might be (haven't tried it yet).
Totally safe (Score:5, Insightful)
Re: (Score:1)
Re: (Score:1)
They realize that consumers don't give a shit about security until you first give them enough convenience to hang themselves with; after that though they complain a lot but you already have all their money and their business by then so it doesn't matter.
Re: (Score:2)
The process which will 'control the machine' will most probably have almost nothing to do with the processes which control the windows. That's how the whole browser is built: lots of independent processes limited on what they can do and able only to talk to each other over well defined interfaces.
Re: (Score:2)
There are several other web services that do just this via IE. Very popular with customers since you don't need to ask a network admin to open ports/etc.
Re: (Score:2)
Ever have a customer that purchased your $30k services, you spend 2 weeks discussing how everything works and everything you'll need with them, you sign all the contracts/etc, then when you're ready to go you contact their tech admin to get Remote Desktop to set things up, and they strait out refuse to give you access.
Now, the customer also says that the only reason they are willing to get our services is because we told them we can have it running in under 1 week. From a legal standpoint, we would be fine,
Re:Totally safe (Score:4, Insightful)
Yes another mindlessly idiotic post.
We should eliminate all possible sources of exploits regardless if they are attached to useful things. I have the perfect computer:
- Runs Linux with all the latest security kernel enhancements.
- No browser installed to prevent users from accidentally finding something malicious on the net.
- Not network connected to prevent attacks from outside.
- No monitor to prevent people looking over your shoulder stealing your sensitive data.
- No Powersupply to make sure it can't be turned on, after all a computer that's not running is secure right?
Yes it is a brilliant idea, for many reasons. Yes there's a possible security exploit. Yes it's quite probably a risk worth taking.
Re: (Score:2)
I laugh at your security-enhanced Linux from my virus-free no-external-plugs QNX brick.
Re: (Score:2)
You can't ignore the fact that the browser is the most critical attack surface for any computer connected to the Internet nowadays: often, it's even the only one, given that most other network interactions from home computers are blocked by residential firewalls.
That is a widely common misconception. The vast majority of attacks using the browser are social engineering attacks, phishing and the like. Many of the non-social attacks use the browser as just another vector to gain access to other components of the system, PDFs and Flash being the latest in vogue right now amongst the usual array of windows specific attacks.
There's actually very few exploits aimed at the browser itself in active use.
Re: (Score:2)
They are. So let's not use them and instead go for network daemons which sit there idly waiting to also be exploited for malevolent purposes.
My point is here is a tool that provides functionality. It either exists or it is replaced by a similar tool by those who need the functionality. The fact that it is a browser plugin as opposed to a standalone program doesn't necessarily make it any more or less of a security risk. Complaining that this is a security risk but RDP, VNC or many other similar products isn
Re: (Score:3)
Re: (Score:2)
Well, considering that it was originally invented for ChromeOS I think the concept was that the browser already was the machine...
Already been done. (Score:2)
Re: (Score:3)
You talking about this? [wikipedia.org] I didn't see anything there about being operating system agnostic.
Re:Already been done. (Score:4, Funny)
Re: (Score:2)
Even from Linux to Linux? And Mac to Mac? and every other combination in between?
technical demo vs. useful tool (Score:3)
This can only be a useful alternative to existing tools like TeamViewer if and only if the Chrome browser itself becomes a truly ubiquitous browser, found on EVERY machine. Otherwise, what's the difference if one still has to install software on both systems to make it feasible? In this instance, it's actually two installations, given the need to install the extension as well as the browser itself.
Re:technical demo vs. useful tool (Score:5, Insightful)
"Otherwise, what's the difference if one still has to install software on both systems to make it feasible?"
Well, given that TeamViewer starts at $700 for commercial use, I would say there is rather a large difference.
Re: (Score:2)
This can only be a useful alternative to existing tools like TeamViewer if and only if the Chrome browser itself becomes a truly ubiquitous browser, found on EVERY machine
....Or if you support friends and family, and can standardize them on Chrome. Or if you are a network admin, and roll out Chrome MSI with GPO policies that preinstall this.
In a browser (Score:2)
Does not sound like bloat one bit.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
It's an extension.
Another remote access (Score:2)
Chrome reinvents VNC as an extension (Score:2)
News at eleven.
Re: (Score:2)
They could have at least used their own damn implementation of the NX protocol [google.com] and got work going around porting it to Windows and Mac. Maybe then NX would finally start to replace VNC and the FLOSS community would have a high quality remote desktop environment (and by high quality I mean HDX responsiveness). Or, god forbid, an HTML 5 client -like Ericom's AccessNow [ericom.com] which is marketed for Chromebooks. You know, anything other than reinventing the damn wheel.
Answer to question about NAT (Score:2)
FTA: "Bottom layer is p2p connection established by libjingle [a Google collection of peer-to-peer software tools], this can be UDP, TCP, or relay through Google."
In other words, at least one "client" needs to have a port forwarded from the NAT firewall. Otherwise, it will still work, relaying through Google.
Interesting possibilities (Score:2)
http://src.chromium.org/viewvc/chrome/trunk/src/remoting/base/ [chromium.org]
Will this be on Chromebooks? (Score:2)
"You can get all your work done on a Chromebook (small-print: if you VNC to a computer with a hard drive.)"
VNC/RDP in HTML5 (Score:2)
I find these much more impressive:
http://www.thinvnc.com/index.html [thinvnc.com]
http://www.ericom.com/html5_rdp_client.asp [ericom.com]
Not the least because every Windows machine has an RDP server on it (that is very easy to enable in Control Panel even for a clueless casual user), and most Unixen are easy to configure with VNC.
Re: (Score:2)
I had to connect to some machines in California from London via VNC the other day. A timely reminder of how much I hate that protocol: it's so slow. RDP completely kicks its arse. The OS X server side implementation seems particularly slow, but even with everything turned down in TightVNC and JPEG compression turned up, it's still horrible (and there are all of the bugs in TightVNC on Windows, like on some machines failing to redraw the screen). Only RDP seems to be able to cope with higher latency conn
Help me out here (Score:2)
That's a fairly minor wrinkle on the main one. Setting up browser control of OS may not be that big a deal on the tech support
Re: (Score:1)
Re: (Score:2)
I think you might be confused about what a firewall actually does. Without reviewing the product at all I'm just gonna go ahead and say "no." Not unless you punch a hole in the firewall at least. Making it so that hole can be on port 80 is something VNC can do as well that does *not* actually make it more secure.
Re: (Score:2)
Re: (Score:2)
I think you might be confused about what a firewall actually does. Without reviewing the product at all I'm just gonna go ahead and say "no.
Actually, most decent remote support products these days (that is, all of them) get around that by doing outbound connections to a central "mediator" service, usually on port 80.
Firewalls are almost never an issue for remote connection software of this sort, unless they are doing DPI and specifically trying to block traffic of this sort.
Re: (Score:2)
Who describes that as a hole in the firewall? Apart from you, no one. Because it isn't a useful way to describe it.
Using the commonly-accepted terminology, remote desktop apps that don't use a central server for viewer and server to connect out to require a hole in the firewall on the server-side of the network.
Re:Hat trick (Score:4, Funny)
Which part of a computer cannot go wrong?
If the number one consideration was always "what could possibly go wrong?" we'd still be shitting in the bushes and wiping our butts with leaves.
If god didn't want us to take chances, he wouldn't have given us fingers to cross.
Re: (Score:3)
Re: (Score:2)
And then there was the iRabbit for wiping your butt with. Came in black or white. A major disruption to the butt wiping industry of the day.
Re:Hat trick (Score:4, Insightful)
Yeah, thinking like that is what gave us Melissa [wikipedia.org].
When you design software, you can either design with security as part of the architecture or not. Secure software designs still have problems, but it's the difference between a pinhole and a barn door.
Unix systems were much more secure than Windows systems for years (whether they are now is up to debate). The reason is that Microsoft had to take drastic measures over more than a decade to secure their system was because their architecture was never designed with security in mind. Unix didn't have the problem - as a multiuser system, security was part of the design, so replacing insecure pieces with secure components (think rsh -> ssh, crypt() to md5(), shadow, etc.) was much easier.
In order to have a remote desktop application be part of a web browser, you need to break the security of the browser and reach the base system. I don't know how the extension framework for Chrome works (I only use it for webcomics), but I would definitely think twice before installing something like this onto a piece of software that regularly communicates with untrusted data (which is primarily what a web browser does).
Re: (Score:2, Offtopic)
Not since I met my wife.
Re: (Score:2)
Is this a fully JS extension,
If it is, its 19MB of javascript.