Comment 16 for bug 1281250
Revision history for this message
| Romano Giannetti (romano-giannetti) wrote Re: VNC accessible for Windows machines only with encryption disabled | #16 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
e3ace39
(Get the code!)
@Holger: yes --- I just noticed it too.
I humbly suggest that Canonical or Redhat help the vino developers to add a more common encryption type to the vino server. It is the default (and the facto only) remote vnc server in our system, and in its current state forces everyone to connect **in clear** on the local network. All what you type is sent as is.
I have worked around it wrapping the thing in a SSH tunnel, but still, it's sensible to local attacks and I think it's not a solution for the average user.
@Sebastian, I am not sure if this is a security thing --- after all, before the switch, all the connections were silently made without encryption, but it's scary nevertheless --- sniffing for traffic on port 5900 is easy enough.