Community
Is it secure? or not?
Links used in this discussion
john Randal,
User (Posts: 120)
Mar 12, 2020 1:27:52 pm EDT
Support level: Mini
So when I connect to my office computer from my home via your remotes utilities connection ID, is my connection secure and private or shall I still run another program such as Private Internet Access ? and if I do run the Private Internet Access does it protect me using the remote utilities?
Conrad Sallian,
Support (Posts: 2987)
Mar 12, 2020 1:45:59 pm EDT
Hello John,
Thank you for your message.
First, let me tell you about security. With Remote Utilities your connection is always secure regardless of your license or connection type (direct or Internet-ID). Currently, the program uses TLS 1.2 to encrypt traffic between Viewer and Host. The role of an intermediary routing server is to bounce the encrypted packets, the server cannot read them because they are end-to-end encrypted. You can learn more about RU security on this page https://www.remoteutilities.com/product/security.php
As for privacy, RU is a regular TCP/IP application and doesn't deliberately hide your IP address when you connect to our hosted service or directly to a remote Host. If you want to learn more about what information pertaining to your connection the program can store please refer to our Privacy Policy, the section "Information we collect when you use the Product".
Let me know if you need anything else.
Thank you for your message.
First, let me tell you about security. With Remote Utilities your connection is always secure regardless of your license or connection type (direct or Internet-ID). Currently, the program uses TLS 1.2 to encrypt traffic between Viewer and Host. The role of an intermediary routing server is to bounce the encrypted packets, the server cannot read them because they are end-to-end encrypted. You can learn more about RU security on this page https://www.remoteutilities.com/product/security.php
As for privacy, RU is a regular TCP/IP application and doesn't deliberately hide your IP address when you connect to our hosted service or directly to a remote Host. If you want to learn more about what information pertaining to your connection the program can store please refer to our Privacy Policy, the section "Information we collect when you use the Product".
Let me know if you need anything else.
john Randal,
User (Posts: 120)
Mar 12, 2020 3:16:50 pm EDT
Support level: Mini
So in short there is no need for a VPN using your client to connect to my computer at work , correct?
Conrad Sallian,
Support (Posts: 2987)
Mar 12, 2020 3:27:07 pm EDT
Hi John,
No, VPN is not required. Although you can also connect through VPN as well (in this case you can use direct connection).
If security is a concern, you can also consider enabling some additional security measures. Please, refer to this blog post for more information.
Hope that helps.
No, VPN is not required. Although you can also connect through VPN as well (in this case you can use direct connection).
If security is a concern, you can also consider enabling some additional security measures. Please, refer to this blog post for more information.
Hope that helps.
Pepa Kokes,
User (Posts: 32)
Mar 14, 2020 1:19:44 am EDT
Support level: Free or trial
I would like to add that even though Remote Utilities themselves take care of security, I still like to add another layer using an encrypted tunnel to route the RU traffic through. While this approach takes more setup time and more CPU power (double encryption), it does have distinct advantages:
1) More control over the actual encryption process. RU now uses TLS, but there isn't really much information on how exactly it is done. Every TLS version, including 1.3, can be used in an insecure manner. For example, all it takes to pretty much break the TLS security is to incorrectly implement certificate verification or the reaction to certificate verification messages of the used SSL library. Using a tunnel, I can control this very well, even add features not available in RU (e.g. a smart card may be required to perform the connection).
2) More control over the communication. Specifically, using a tunnel in conjunction with a firewall I can *enforce* that RU does not talk to anyone else than the intended target - all RU communication except for to/from the tunnel is automatically disabled. The documentation says that in a direct communication this is always the case, but with a tunnel+firewall, I can be sure - even taking into account possible errors in the implementation of RU.
1) More control over the actual encryption process. RU now uses TLS, but there isn't really much information on how exactly it is done. Every TLS version, including 1.3, can be used in an insecure manner. For example, all it takes to pretty much break the TLS security is to incorrectly implement certificate verification or the reaction to certificate verification messages of the used SSL library. Using a tunnel, I can control this very well, even add features not available in RU (e.g. a smart card may be required to perform the connection).
2) More control over the communication. Specifically, using a tunnel in conjunction with a firewall I can *enforce* that RU does not talk to anyone else than the intended target - all RU communication except for to/from the tunnel is automatically disabled. The documentation says that in a direct communication this is always the case, but with a tunnel+firewall, I can be sure - even taking into account possible errors in the implementation of RU.
Conrad Sallian,
Support (Posts: 2987)
Mar 14, 2020 5:30:26 am EDT
Hello Pepa,
That may be a wise strategy. However, I can assure you that we have enough expertise to avoid errors when implementing such important things :)
That may be a wise strategy. However, I can assure you that we have enough expertise to avoid errors when implementing such important things :)
* Website time zone: America/New_York (UTC -4)