Summary: Remote assistance is a very appealing feature to allow someone to remotely fix your machine. The risks, however, are significant.
Is it safe to allow a tech support person from a reputable firm to have remote access to your computer to solve a problem? I recently had an issue that required me to contact such a company, and permitted the tech to view my desktop. My problem was solved, but I couldn't help thinking that this was a bad idea. Can they browse around inside your machine if you give them this kind of access?
•
How much do you trust them?
No, seriously, how much do you really trust them?
Because, all other issues aside, this is all a matter of trust.
•
It depends on the technology that the remote assistant uses, but yes, you are in fact giving someone the potential of complete access to your machine.
They could presumably do whatever they wanted.
Now, most of the remote access technologies used by these firms allow you to watch what the technician is doing as he or she does it. That's kinda cool, and often even instructive.
The problem is that once connected, there's actually no guarantee that there isn't more going on that you can't see.
That's why I say it's all about trust.
Remote access is a wonderfully appealing tool. Rather than relying on your description of the problem the technician can see the problem, and investigate directly on your computer. Rather than trying to walk you through a complicated set of steps that you don't need or care to actually understand to resolve an issue, the technician can just do it for you.
I really, truly, honestly get the appeal.
The problem is compounded because there are several levels of trust at play as well. You might trust company X - many companies are absolutely worth your trust. You might trust that they or their technicians don't have malicious intent. But how do you trust that the technician you're talking to actually knows what he or she is doing? How do you even tell?
Personally, I'd be very reluctant to let anyone connect up to my machine that way. In fact, I can perhaps vaguely recall allowing someone to do it once, a long time ago.
But I do also realize that sometimes it's just the most expedient approach to problem solving, and that by-and-large the reputable companies and technicians doing it are probably quite competent.
But it still feels like a huge risk.
I'd just make darned sure that you only do this with companies that you trust deeply, and that you try to establish some level of trust with the individual technician you're dealing with.
And, for safety's sake, make a full backup of your machine first. Just in case they screw it up (which, sadly, I've heard of as well).
Related:
-
What is Remote Desktop? Remote Desktop allows you to use your Windows machine remotely, almost as if sitting in front of it. Coupled with a VPN solution, it's very powerful.
-
How can I access my Windows XP Machine Remotely? Windows XP Pro includes functionality to access the computer's desktop across a network. Remote Desktop must be enabled and configured properly.
Article C3767 - June 20, 2009
One of the first things that I do after I reformat my machine is to turn OFF "Remote Assistance".
Posted by: Carl R. Goodwin at June 23, 2009 8:31 AMI disabled Remote Assistance almost as soon as we got our computer. That was so long ago (and I do believe I used more than one method) that I no longer remember how to re-enable it, assuming that such should ever be necessary.
And I shall make SURE it ain't necessary, because NOTHING can EVER be THAT necessary!!!
Posted by: Glenn P. at June 24, 2009 6:39 AMas a technician i am very happy with remote access. it means i can solve my customers problems from a distance and that means faster. as otherwise the client will have to bring the pc or laptop to me (or i have to go to them) there is no extra risk for them. the risk is there anyway when i have the machine on my desk with full access. obviously my clients trust me. they have to trust me otherwise i can not solve the problem. in my opinion only when you are skilled enough to solve each problem yourself you have the option not to give access to somebody else.
Posted by: misja at June 24, 2009 9:14 AMI've, worked in several phases of this technology in the last 25 years. I'm semi-retired now, and I use remote control almost exclusively for support. It allows me to keep the labor charge down by discounting my cost & time to travel. And, I don't have to carry disks (tools) etc, to a customer's site. Everything is on my local system that I'll need.
Posted by: Thom at June 24, 2009 4:21 PMwindows remote access can be disabled, but I use a remote access not involving the windows service as part of my job....
Posted by: Jeffrey at June 24, 2009 11:01 PMthe other point to make is, as I have read on other posts, if it is not physically secure it is not secure, and the other options for the service my company provides is for the customer to take the computer to the storefront or a tech to go the home. That means there is no difference between what I do remotely, and what any other tech for the company does.
I understand the concern for security and safety with having someone you know nothing about, gaining access to your PC remotely, granted or not. But you must ask yourself this question. Is it any safer to bring your PC to a local support shop for repair, when you know nothing about them either?
I looked at it this way. When you give access to a technician remotely, of course there is the risk they may access more than you hope. But at least you can terminate the connection at any given time you don't feel comfortable with what they are accessing. Yes, you have that much control over the entire process, thanks to todays standard of connectivity. You have to actually say yes to it before they actually connect to your PC, and can stop the process anytime.
However, what about the process you can only control to a point when you bring your PC to a local repair shop. You bring your PC in, you gave your information to someone(could be a technician), and then was told to come back the next day for pickup. But what you may not know is the level of invasion into your privacy that took place in this process, and the big thing is, you can't stop it and you don't really know what they did.
At least with remote access, you can see everything the technician is doing.
Cheers
With remote assistance from many large vendors you have no idea who it is that you're letting access your machine. They could be next door, they could be on the other side of the planet. If you call back with an issue, you'll likely get a completely different person who won't know what the first one did. IMO it's just too anonymous, and too risky.
I totally understand the appeal to the technicians themselves - they, of course, know who they are and know that they are trustworthy. Unfortunately customers don't have that knowledge, they can only make assumptions.
27-Jun-2009
Posted by: Hughon at June 27, 2009 12:22 AM
Completely agree with article, Leo.
My first (and probably last) experience with Remote Assistance (with my ISP) was less than perfect. Was trying to install the ISP’s security suite and the download button on the website did not work. The technician wanted to do Remote Assistance.
After downloading a considerable number of files to make this possible, the tech flew through screen after screen for about 10 minutes and had to give up. (Much later I found out that all that had been needed was to uninstall the prior version of that security suite first).
After the Remote Assistance, problems immediately began with my Internet connection, and a System Restore did not help. I ended up having to reinstall Windows (with Dell’s guidance).
The computer damage may have been an unusual case. But, at best, the technicians simply work too fast for a novice to follow what they are doing, and the session left me just as ignorant as before. Personally, for me, it is far preferable for the technician to give steps and let me do the work so that I can learn how to hopefully solve the problem without tech support if it happens again.
Posted by: Bonita at June 27, 2009 12:17 PMThe advice to make a disk image backup before letting a total stranger "drive" your computer is an excellent one. No matter what the software problem is, an image backup from a bootable CD should be possible. Great defensive computing, Leo.
Let me also suggest using an external hard drive for storing all your sensitive files. This way, by simply removing the hard drive you know there is nothing on the computer that you wouldn't want a stranger to see (be they a remote stranger or a local computer repair outfit).
I have no connection to Lenovo at all, but I very much like the concept behind their ThinkPad USB Secure Hard Drive. Its an external 2.5 inch hard drive that does hardware encryption with NO dependency on any software on your computer at all. You enter a password into the device by pressing buttons on it. Your computer is oblivious to the hardware encryption, so it should work with any OS.
Of course, you pay more for this security in the ballpark of $90 extra when compared to a standard external hard drive. But, if you have sensitive files, its a great way to go.
I don't use it, preferring the free TrueCrypt, but I'm a techie. For many computer users dealing with TrueCrypt is too much. And, there is great safety in not having any sensitive files on the computer at all, encrypted or not.
See my blog for more about the hardware
Posted by: Michael Horowitz at June 30, 2009 3:08 PMhttp://blogs.computerworld.com/about_the_lenovo_thinkpad_usb_secure_hard_drive