Remote Access Tool Misuse & Familial IT Support

I read an excellent article by Nate Anderson in Ars Technica, “How the FBI found Miss Teen USA’s webcam spy” about how they broke the recent Miss USA ‘sextortion’ case.  It got me thinking about how many of my friend and colleagues become temporary IT support personnel at the end or the year trying to help their parents and loved ones through their various computer problems.  While remote access tools are a tremendous help in solving these issues without having to travel to someone’s home; they do pose a risk.  Even my wife’s favorite support tool; Teamviewer has been targeted.  By their design these tools are developed to sit and listen for an incoming connection.  If you do use these tools make sure that you are using a non trivial password or pass-phrase.  Try to make sure that the tool doesn’t load upon start up and requires that someone find and execute the program before a remote connection can be created.  If possible move the link to the utility out of the normal applications folder and into a sub folder so that it is that much harder to ‘accidentally’ launch.

Advertisements