Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Chrome Google IT

Extension To Chrome Brings Remote Desktop Abilities 189

CNET reports that as of yesterday, a new Chrome extension will "let a person on one computer remotely control another across the network." The new remote-desktop capability is in BETA (Google's all-caps version, for emphasis), but is said to work to control any OS from any other OS, so long as both sides are equipped with Chrome and the new extension. Related: Wired is running a profile of Rajen Sheth — "father of Gmail," and now in charge of Google's Chromebook project as well.
This discussion has been archived. No new comments can be posted.

Extension To Chrome Brings Remote Desktop Abilities

Comments Filter:
  • Yeah (Score:5, Insightful)

    by Anonymous Coward on Saturday October 08, 2011 @05:50PM (#37650776)

    Sounds exactly like something I want my web browser to be able to do. What could possibly go wrong?

    • Re:Yeah (Score:5, Interesting)

      by LordLimecat ( 1103839 ) on Saturday October 08, 2011 @07:47PM (#37651324)

      It actually sounds brilliant. Normally I have to direct clients, friends, family to a remote-support site, direct them to download the generated .exe, and run it to allow me in (actually, I usually end up permenantly installing said agent). Think LogMeIn Rescue, or TeamViewer (we actually use Bomgar).

      If this works as advertised, it could make things a whole lot easier. Combined with the fact that Chrome can be deployed as an MSI, and extensions can be pushed and locked with GPOs, this could make support much easier.

      Testing it now, but sounds great.

      • In the past I have used MSN messenger for this purpose, mainly because they already have it installed. I will have a look at Chrome as an alternative.

      • by mcgrew ( 92797 ) *

        I've been looking for something like this. It would be nice to run multiple computers in my house with a single keyboard, mouse, and monitor.

        • by djlowe ( 41723 ) *
          RDP works just as well for that, and is available for Windows, Linux and OS X. Regards, dj
        • by pnutjam ( 523990 )
          Check out Synergy [google.com], it allows you to share keyboard and mouse across multiple computers, but each needs it's own monitor. It also works across OS (linux, mac, windows). Another option, that sound more like what you want is italc [sourceforge.net]. It lets you remote control other PC's from one master PC. I deployed it in a Fire Department training room and they love it.
  • by igreaterthanu ( 1942456 ) * on Saturday October 08, 2011 @05:54PM (#37650792)

    This isn't going to be very useful if it requires a user to be already logged in to work.

    If it lets the user login over the remote desktop connection, Chrome is going to need to be running as an Administrator.

    • Re:Login Screen (Score:5, Informative)

      by mysidia ( 191772 ) * on Saturday October 08, 2011 @06:01PM (#37650852)

      This isn't going to be very useful if it requires a user to be already logged in to work.

      It has just that limitation:

      The technology right now is limited so that permission must be granted each time remote administration is activated. "This version enables users to share with or get access to another computer by providing a one-time authentication code. Access is given only to the specific person the user identifies for one time only, and the sharing session is fully secured,"

      Read more: http://news.cnet.com/8301-30685_3-20117619-264/chrome-extension-enables-remote-computer-control/#ixzz1aEa5rPhB [cnet.com]

    • This isn't going to be very useful if it requires a user to be already logged in to work.

      It sounds like it could be an alternative to WebEx, for those who use it for remote support.

      • Re:Login Screen (Score:5, Insightful)

        by causality ( 777677 ) on Saturday October 08, 2011 @07:20PM (#37651204)

        This isn't going to be very useful if it requires a user to be already logged in to work.

        It sounds like it could be an alternative to WebEx, for those who use it for remote support.

        It beats the hell out of trying to get most adults to follow simple verbal instructions.

        Ever work a technical support job? After explaining to an otherwise educated person (i.e. educated stupid) for the fifth time that when you ask him to "right-click with the right mouse button" it is not the same as "double-click (with the left)" you start thinking about remote desktop yourself.

        Thankfully that was a long time ago. After a while, you stop thinking of involuntary sterilization as a viable option.

        • by Nutria ( 679911 )

          After explaining to an otherwise educated person (i.e. educated stupid) for the fifth time that when you ask him to "right-click with the right mouse button" it is not the same as "double-click (with the left)" you start thinking about remote desktop yourself.

          Three cheers for the CLI !! You IM the luser commands to run and have them paste in the results.

    • Re:Login Screen (Score:5, Interesting)

      by Albanach ( 527650 ) on Saturday October 08, 2011 @06:41PM (#37651050) Homepage

      This isn't going to be very useful if it requires a user to be already logged in to work.

      I presume you mean "this isn't going to be very useful to me".

      I have supported loads of people who just need assistance doing something on their computer. Almost everyone bar you has helped family and friends with various computer tasks.

      Sure you can do this with some existing technologies, but they tend to be either complex to set up or limited to a specific platform.

      I'm sure that, if they can keep it secure, a free, easy to install, multi-platform remote desktop solution will be attractive to many on /.

      • by mcgrew ( 92797 ) *

        It would be nice to be able to access my main computer at home from my netbook when I'm drinking at a bar.

    • This isn't going to be very useful if it requires a user to be already logged in to work.

      Why not? It sounds like its directed at aiding with remote tech help requests-- think "family and friends are having issues", and this lets you log in and help them.

    • by mgblst ( 80109 )

      This may not be your site, if you think your web browser will let you log into a computer? You might want CNN.

  • In other words (Score:5, Insightful)

    by denshao2 ( 1515775 ) on Saturday October 08, 2011 @05:55PM (#37650806) Homepage Journal
    A new security vulnerability has been introduced that will be marketed as a useful feature that rarely gets used for its intended purpose.
    • by Anonymous Coward

      Something else that I just don't get with "technology" like this is how it's mistakenly seen as "innovative" because it somehow involves a web browser, although it's something we have been able to do for decades using other software.

      This is basically the same as telnet, or rsh, or ssh, or VNC, or the many other technologies that do the same thing. Fuck, this is something we could even do in the browser years ago! I remember using a Java applet that let me connect in to computers at work using ssh or VNC. Th

      • Because the people (read: clueless lusers) we were trying to help years ago had no SSH or VNC server installed, nor NATed ports on their routers to make it work.

        Now all (s)he needs is to have the browser installed, which (s)he might very well have already. It's very, very different, albeit not in a technical way.

        • Me then: Hey grandma, go to this URL and download and install VNC.

          Me now: Hey grandma, go to this URL and download and install Chrome.

          Not seeing how the authentication works yet, I'm guessing VNC might actually be simpler.

          • VNC will need you to walk grandma through a reboot, through configuring VNC, through configuring a port on her router, and then through turning VNC server off afterward to close the security hole.

            Chro-mote will just need her to download and run a program, and then visit a particular URL, and maybe read a number to you over the phone. The lack of router config I think, is the biggest win here ; people are used to links, but not arcane looking network settings. She might not even know which IP address her rou

          • I run a website for a small theater company. The audience is anything but technical. Yet 40% runs Chrome.

      • by jdogalt ( 961241 )

        +1. The C.S.-101 catchphrase would be 'what is old is new again'. In a related vein, the computer developer in me was hit by Steve Jobs death, regardless of the fact that much of his modern fame involved not the main innovations, but rather polishing and driving them to market with a coherent vision (and the power that a deep bank account provides didn't hurt his odds either). I.e. the ipod was a brand of mp3 player, not a music playing device invention. Likewise this latest google gadget is a brand of

        • by cgenman ( 325138 ) on Saturday October 08, 2011 @10:05PM (#37651770) Homepage

          As an Archos Jukebrick fan myself, the innovative part that the iPod brought was bringing the technology to a functional level of convenience. The iPod was the first one that fit in your pocket.

          I'm not going to be able to explain to my mother how to get an ssh server up and running on her machine. But getting Chrome installed with an extension? That I could believe.

          The key is *enabling.* Twenty years ago, setting up an FTP based home file synchronization service was technically possible. But it was a huge PITA. DropBox automated everything with a simple single login. Similarly, simplifying VNC into something that everyone already has. That means that people who wouldn't have exposure to remote control, now do.

          • by jdogalt ( 961241 )

            "As an Archos Jukebrick fan myself, the innovative part that the iPod brought was bringing the technology to a functional level of convenience. The iPod was the first one that fit in your pocket."

            I owned a rio800 in 2001. Not much longer or thicker than its power source, a AA or AAA battery (I think the former, but thats still smaller than a deck of playing cards, and probably half the weight). I still would prefer to be able to carry bog standard extra power cells like a AAA to power my player, though my

            • by cgenman ( 325138 )

              The Rio800 was a flash-based player. A solid one... I had a Rio PMP300 and 500 as well, and gazed longingly at the Rio 800's 128MB of space. But the original iPod had a micro HDD, up until then only used in photography, which started at 5GB of space. They definitely were the first to jump down from notebook hard drives to micro drives, in order to get a HDD based player into your pocket.

              The signature scroll wheel is also easier to navigate large lists of songs with. And Apple was the first to integrate

              • by jdogalt ( 961241 )

                "The iPod won because Apple took a niche technological gadget,"

                That is the key point of our disagreement I think. What you describe them doing to what you describe as a 'niche tech gadget', I would alternately call the blazing obvious happening to the blazing obvious mainstream device. There was nobody who in y2000 and much earlier, did not see that computer memory and processing devices were shrinking, and that as you could now have a music system in a PC size device, that eventually you would have one i

    • by kesuki ( 321456 )

      the whole idea of which was called VNC and was originally designed by At&t!

    • In other news a computer companies continue to provide users with a button to turn their computers on despite the obvious security risks introduced when the machine is running.

      Everything is a security vulnerability. An OS is a vulnerability. Having a computer connected to the internet is a vulnerability. A web browser is a vulnerability. Even your post and the fact it was modded insightful is a vulnerability to the sanity and common sense of people reading it.

      • i realize you were being rather sarcastic, but there's a difference between "There is an attack surface that, given enough time, a determined hacker can exploit" and "there's an exorbitantly easy exploit being built directly into the browser".

        • "there's an exorbitantly easy exploit being built directly into the browser".

          I wasn't being sarcastic at all. The parts of our lives that have been most helped by the emergency of technology are the most easy to exploit. They are all born out of convenience and interconnectivity.

          My point is if you want security they you may as well give up many of the useful functions of your computer. You plug in a Windows XP machine to the internet and it gets owned before you even have a chance to load up the windows update server. Yet here we have a extension, unlikely to be very widely used, co

    • If your concern is that the remote access software might be able to be used without a valid auth code, why wouldnt that apply to solutions like TeamViewer? Or RDP? Or VNC?

      Or is your concern that its "within a browser", and thus inherently must be insecure?

      • Or is your concern that its "within a browser", and thus inherently must be insecure?

        In a nutshell, yes. One great way to take relatively small security concerns and greatly magnify them is to have a single application that tries to be everything and do everything for everyone. The browser is involved in too many different things as it is. As it becomes more and more central, it is also a more and more tempting target. A worst-case compromise now has fewer barriers in terms of the damage it can do.

        I

        • Except that to all appearances this requires the user to go to a specific web site (or somehow generate a control code) and explicitly allow the connection. It's still not without some security concerns I suppose, but it would require a fair amount of fooling both Google and the user to abuse it. Mostly I can see it as being a great way to help friends/relatives with their computers. As a double plus good you can help your mom with her Mac from your Windows box, or your dad with his Windows box from your

        • Or is your concern that its "within a browser", and thus inherently must be insecure?

          In a nutshell, yes. One great way to take relatively small security concerns and greatly magnify them is to have a single application that tries to be everything and do everything for everyone. The browser is involved in too many different things as it is. As it becomes more and more central, it is also a more and more tempting target. A worst-case compromise now has fewer barriers in terms of the damage it can do.

          If you are (implicitly, of course) saying that adding remote access to an already complex Web browser has absolutely no security implications whatsoever and no amount of caution could possibly be reasonable, well, I say that statement carries with it a burden of proof. Until you demonstrate otherwise, that positive claim is rightly considered false.

          Those who disagree with you by default are merely being sensible.

          Hmmm. Isn't "a single application that tries to be everything and do everything for everyone" a reasonable description of the OS? I'm not attempting a reductio ad absurdum, but it seems to me your (legitimate!) concerns over the security issues involved when you start adding functionality to software had to be solved for the OS, and those lessons can be applied to the browser.

    • by fermion ( 181285 )
      This is what I was thinking. If MS did this we would all be screaming about bloat and the security implications. Sure there may be millions of layers of security, but security has a way of being circumvented.

      We are moving into another scary world with very little forethought. We are putting all our data online with free services without thinking deeply about securing that data. This is like when we hooked our computers to the internet without knowing that we were exposing ourselves to every two bit sc

  • Totally safe (Score:5, Insightful)

    by EdZ ( 755139 ) on Saturday October 08, 2011 @05:55PM (#37650810)
    Yeah, giving your browser the ability to completely control your machine. Brilliant idea. No possible exploits there!
    • by Anonymous Coward
      Agreed. I'll go one further - it is fscking stupid to allow a browser (which should be sandboxed and unable to access anything outside of its window frame) remotely control your machine. Dumb Dumb Dumb. Google used to understand this. Apparently they went insane recently?
      • They realize that consumers don't give a shit about security until you first give them enough convenience to hang themselves with; after that though they complain a lot but you already have all their money and their business by then so it doesn't matter.

      • The process which will 'control the machine' will most probably have almost nothing to do with the processes which control the windows. That's how the whole browser is built: lots of independent processes limited on what they can do and able only to talk to each other over well defined interfaces.

    • by Bengie ( 1121981 )

      There are several other web services that do just this via IE. Very popular with customers since you don't need to ask a network admin to open ports/etc.

    • Re:Totally safe (Score:4, Insightful)

      by thegarbz ( 1787294 ) on Saturday October 08, 2011 @07:18PM (#37651202)

      Yes another mindlessly idiotic post.

      We should eliminate all possible sources of exploits regardless if they are attached to useful things. I have the perfect computer:

      - Runs Linux with all the latest security kernel enhancements.
      - No browser installed to prevent users from accidentally finding something malicious on the net.
      - Not network connected to prevent attacks from outside.
      - No monitor to prevent people looking over your shoulder stealing your sensitive data.
      - No Powersupply to make sure it can't be turned on, after all a computer that's not running is secure right?

      Yes it is a brilliant idea, for many reasons. Yes there's a possible security exploit. Yes it's quite probably a risk worth taking.

      • by cgenman ( 325138 )

        I laugh at your security-enhanced Linux from my virus-free no-external-plugs QNX brick.

    • Going by that line of thinking, a browser is a giant exploit. No browsers, fewer exploits.
    • by Rich0 ( 548339 )

      Well, considering that it was originally invented for ChromeOS I think the concept was that the browser already was the machine...

  • Microsoft already does this. https://devices.live.com/ [live.com]
  • by macraig ( 621737 ) <mark.a.craig@gmail . c om> on Saturday October 08, 2011 @06:06PM (#37650878)

    This can only be a useful alternative to existing tools like TeamViewer if and only if the Chrome browser itself becomes a truly ubiquitous browser, found on EVERY machine. Otherwise, what's the difference if one still has to install software on both systems to make it feasible? In this instance, it's actually two installations, given the need to install the extension as well as the browser itself.

    • by Qwavel ( 733416 ) on Saturday October 08, 2011 @06:29PM (#37650980)

      "Otherwise, what's the difference if one still has to install software on both systems to make it feasible?"

      Well, given that TeamViewer starts at $700 for commercial use, I would say there is rather a large difference.

    • This can only be a useful alternative to existing tools like TeamViewer if and only if the Chrome browser itself becomes a truly ubiquitous browser, found on EVERY machine

      ....Or if you support friends and family, and can standardize them on Chrome. Or if you are a network admin, and roll out Chrome MSI with GPO policies that preinstall this.

  • Does not sound like bloat one bit.

  • Because 20 years of getting raped over the internet is just not enough.
    • They could have at least used their own damn implementation of the NX protocol [google.com] and got work going around porting it to Windows and Mac. Maybe then NX would finally start to replace VNC and the FLOSS community would have a high quality remote desktop environment (and by high quality I mean HDX responsiveness). Or, god forbid, an HTML 5 client -like Ericom's AccessNow [ericom.com] which is marketed for Chromebooks. You know, anything other than reinventing the damn wheel.

  • In case you're wondering out it works around NAT on both ends.

    FTA: "Bottom layer is p2p connection established by libjingle [a Google collection of peer-to-peer software tools], this can be UDP, TCP, or relay through Google."

    In other words, at least one "client" needs to have a port forwarded from the NAT firewall. Otherwise, it will still work, relaying through Google.
  • The source for the extension is available so this might be a good chance to create an open-source alternative to TeamViewer and LogMeIn.

    http://src.chromium.org/viewvc/chrome/trunk/src/remoting/base/ [chromium.org]
  • "You can get all your work done on a Chromebook (small-print: if you VNC to a computer with a hard drive.)"

  • I find these much more impressive:

    http://www.thinvnc.com/index.html [thinvnc.com]
    http://www.ericom.com/html5_rdp_client.asp [ericom.com]

    Not the least because every Windows machine has an RDP server on it (that is very easy to enable in Control Panel even for a clueless casual user), and most Unixen are easy to configure with VNC.

    • by Malc ( 1751 )

      I had to connect to some machines in California from London via VNC the other day. A timely reminder of how much I hate that protocol: it's so slow. RDP completely kicks its arse. The OS X server side implementation seems particularly slow, but even with everything turned down in TightVNC and JPEG compression turned up, it's still horrible (and there are all of the bugs in TightVNC on Windows, like on some machines failing to redraw the screen). Only RDP seems to be able to cope with higher latency conn

  • The fallback is to use Google servers. Are there any guarantees Google can't track that data is some way? I don't know enough about how this works to have any idea what's technically feasible. If it is feasible, is this another one of those things where people will say, "Well, they're a private company. They can do anything they want"? Who's looked at this? What have they found?

    That's a fairly minor wrinkle on the main one. Setting up browser control of OS may not be that big a deal on the tech support

"I am, therefore I am." -- Akira

Working...