Dave,

Don't use it then.

I rather would have seen you prove my description/explanation false.

As you have not -- and combined with the "get outof my face" type of
response you gave instead -- I must assume that its 1) correct and 2)
something you haven't considered yourself (or, simply wish to ignore).

Regards,
Rudy Wieser


-- Origional message:
David H. Lipman schreef in berichtnieuws
...
From: "R.Wieser"

David,

Huh ?

Well, this is what it looks to me: The Remote computer is allowed,
because
of the necessity of copying, access to a drive on the client machine.
As
I've not seen any restrictions to that this means that the remote
machine
can read, write and alter anything on that drive.

Now if the remote machine is infected with anything, isn't that (the
attached drive) the perfect place to see if any files/executables can be
found to store some viri-offspring in ?

However onnce the tunnel has been created based upon
authentication, it is possible that malware can be passed
through the tunnel.

Yes, thats always a possibility. But do we really need to open the barn
doors for any viri that are in search for files to infect by giving the
remote machine full access to our/a local drive ?

In other words, its not about which port the data is coming thru, or how
many bits the encryption key is. Its way simpler to exploit than that.

If you know anything that proves me wrong than please do so, as I do now
not
at all feel at ease using Remote Desktop.

Regards,
Rudy Wieser


Don't use it then.

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp