Re: VNC Security Alert

Quentin Stafford-Fraser ()
Tue, 30 Jun 1998 15:35:18 +0100

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Keith A. Clay: "Re: viewing from Solaris to NT"
• Previous message: Quentin Stafford-Fraser: "Re: Freeze-screen ..."
• Maybe in reply to: John Logsdon: "Freeze-screen ..."

As you say, the ideal would be to wrap the whole connection in compression +
encryption; if using SSH is an option for you I would recommend that for
now.

Quentin
----
Dr Quentin Stafford-Fraser
The Olivetti & Oracle Research Lab

-----Original Message-----
From: James Mc Parlane <>
To: <>
Date: 30 June 1998 13:08
Subject: VNC Security Alert

>I've spent the last few days writing tiny VNC server for Win32 and linux
and
>I noticed that a ClientCutTextMsg was sent to every VNC server I was
>connected to, every time I copied something into the clipboard on my local
>machine (Win32).
>
>Even if the VNC client was minimised.
>
>This means that if you have a VNC session open to a remote machine on the
>internet, then every time your clipboard changes, it will be sent out in
>plain text onto the net.
>
>It also means that if you copy a HUGE piece of text. (I tested it with a
web
>log file) it will waste bandwidth by uselessly transmitting it to the
>server.
>
>I wouldn't mind it it if the text was sent only if the window was active.
>
>Some basic encryption would be nice too.
>

---------------------------------------------------------------------
The VNC mailing list - see
---------------------------------------------------------------------

• Next message: Keith A. Clay: "Re: viewing from Solaris to NT"
• Previous message: Quentin Stafford-Fraser: "Re: Freeze-screen ..."
• Maybe in reply to: John Logsdon: "Freeze-screen ..."

This archive was generated by on Wed Feb 03 1999 - 15:34:55 GMT