Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.off-topic : Is this the end of the world as we know it? : Re: Is this the end of the world as we know it? Server Time
31 Jul 2024 16:31:22 EDT (-0400)
  Re: Is this the end of the world as we know it?  
From: Invisible
Date: 11 Oct 2011 04:29:23
Message: <4e93fe63@news.povray.org>
 
On 10/10/2011 06:06 PM, Darren New wrote:
> On 10/10/2011 3:15, Invisible wrote:
>> Have you ever tried explaining all that over the phone to somebody who
>> can't even work a mouse properly yet?
>
> Yep.

...and you don't think a set of instructions of this level of technical 
complexity just *might* pose a little bit of a problem?

>> Of course, you would also need to poke a hole in the firewall for that to
>> work.
>
> No you don't.

So how do you connect to it if it's behind two hardware firewalls plus 
the Windows Firewall?

>> And make sure I edit whatever settings it is necessary to turn on
>> encryption.
>
> It's encrypted by default.

Excuse my scepticism. None of the other Windows protocols are encrypted 
by default, nor even provide the *option* of encryption...

>> And add a secure password. (The current admin password on the
>> machine is trivially breakable.)
>
> That's kind of stupid. You'd be better off with no admin password at all.

Well, yeah. Except that most things that ask you to log in as admin tend 
not to work if the password is blank. (No, I have no idea why.) Still, 
when it's impossible to log in at all unless you're in the building, it 
doesn't really /matter/ how weak your passwords are. But if you're going 
to open up access from the Internet, suddenly it really, really matters 
how weak your passwords are!

>> ...or I could set up a *real* VPN, which is *actually* secure...
>
> What's insecure about RDP, other than you don't actually believe it's
> encrypted and/or you don't understand encryption?

Microsoft didn't bother to include any security whatsoever in the file 
sharing protocol, the remote registry protocol, the printing protocol, 
the name registration protocol, and even the user authentication 
protocol is infamously weak. I'm just rather surprised that they 
actually bothered to put any security into RDP, rather than making you 
pay money for an extra security product.

I'd have more faith in something like TLS - a protocol actually designed 
by security experts, who's only purpose for existing is to provide security.


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.