2009/4/8 alan c <aecl...@candt.waitrose.com>: > Gitso: > Thanks for the heads up! I have used it - and it works! :-) > I will be using it a lot more in future to support friends and family > with ubuntu. > > I am also using vnc with ssh tunnel to support a particular person, > and I have been trying to fathom what the differences in security are > between the two approaches - gitso and vnc in ssh tunnel. > > As far as I can see, gitso does not invoke ssh at all, so in principle > the streams are not inherently secured. > > I have concluded that security issues are acceptable as long as > 1) in giving support I do not key anything confidential in at my end > such as the supportee's passwords because the character information is > transmitted unencrypted, and > > 2) the supportee does not type anything into the screen which is > confidential such as credit card number, during a session, since > credit card number is shown on the screen which is shown visibly > > I also conclude that if the supportee types in their password > themselves it is ok because all that is shown on screen is dots, and > their password keystrokes are not transmitted to my end, only dots. > > I trust my conclusions are correct (?) Any comments will be much > appreciated.
I wouldn't agree with the second conclusion. Have you seen the image recognition stuff the spammers have for cracking captchas? Cofion, Neil. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
