"We can confirm that the situation is under control and it is safe to use AnyDesk."
Yeah, nah.
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
Community Rules
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
"We can confirm that the situation is under control and it is safe to use AnyDesk."
Yeah, nah.
Any other recommendations aside from TeamViewer? AnyDesk has been getting worse with each update. Can’t even use a free account to have a dedicated hostname anymore…
The owners are sketchy and they have closed source pro features (which was expected to be honest). They also don't like criticism and ban accounts on reddit for questioning some of their practices (like why has a vulnerability PR not been merged for more than a year). I should know, they banned me from their subreddit for asking this and deleted my comment. I later found out that this was common practice with them.
Isn't that run by some dodgy chinese firm
I really like ScreenConnect.
At least Anydesk didn't take Teamviewer's approach and deny the breach for 3 years while blaming their customers for the problem, but it's time to rethink using these remote access apps.
In the past year for personal use I've moved to VNC and Nomachine server apps that are inaccessible from the Internet without first activating a Wireguard tunnel. The tunnel ports don't even appear to be open when scanned. Hopefully this setup offers more security than relying on a company to make sure their systems are up to date.
Doesn't mean their systems are not up to date, it just means that a security hole has been discovered. Hopefully, it's patched now.
My biggest concern is them having the source.
Doesn’t mean their systems are not up to date...
IMO we will never know. Every company has a vested interest in hiding the cause of a breach if it makes them look bad.
Yay... :(