Screen Sharing Security Hole!!

At my school we use remote desktop and also the computers have screen sharing on. today i learned that if you type in a persons username without their password it will first say username or password is invalid then if you do it agien without changing any thing it will grant you access. ***

Don't know much about screensharing but did a search and found this article.
It may have some more information for you, sorry I can't be of more help.
http://www.peachpit.com/guides/content.aspx?g=mac&seqNum=232

Similar Messages

  • Screen sharing security?

    I'd be interesting to hear thoughts on the security of the screen sharing feature of Leopard.
    Is the content of the interaction protected or encrypted in any way?
    How easy would it be for someone to engineer a screen sharing 'attack' on a computer (without the users consent, obviously)?

    iChat Screen sharing requires that you Accept the call.
    It also contains an Audio component so you can talk to the person involved.
    As with any iChat A/V related chat it is Peer-to-Peer on a 1-1 basis.
    Given that it does go through many server on the internet between you and your Buddy (like a telephone call would) it does not go through the AIM servers like a plain text chat does.
    On the other hand the data is not encrypted unless you both have @mac names and IF anyone was actually at those Internet servers in between the data could be read.
    However you can end a Screen Share with the keystrokes Control+Esc
    From iChat Help
    *About screen sharing security*
    When you share your screen with a buddy, the buddy has the same access to your computer that you have. Share your screen only with trusted parties, and be particularly careful if you receive a request to share your screen from someone who isn’t in your buddy list.
    If the request comes from someone in your Bonjour list, remember that the person’s name is not necessarily accurate, so his or her identity is uncertain.
    While every screen sharing connection uses encryption, the highest level of security requires both participants to have .Mac accounts with encryption enabled. If this is the case, you will see a lock icon in the screen sharing window.
    If you need to quickly end a screen sharing session, press Control-Escape.
    Realistically it as dangerous as opening an email that you don't know the origins of and then opening a file contained in it.
    I personally have not tried transferring stuff from one computer to the other.
    So I don't know if there are any alerts to say a file is being sent. I would expect a progress bar at least but then again this may not be the front window.
    There is/was one Virus that was in the wild for the Mac OS X.
    It did involve iChat.
    To get it you had to have been sent an email and open what looked like a .jpg file.
    It would then spread to your other Bonjour Contacts via iChat.
    i.e. you had to do quite a lot yourself to actually get this virus.
    Ryan M who posts in iChat 3 posted a fix.
    In terms of how secure compare it to having to login in here at Apple.
    It's over the net and you have the control to end it but it is possible for people in the right place at the right time to read the data.
    if you give info away about yourself here such as your ID and password then people could use that (but the login page itself is a secure page).
    These questions are always hard to answer as an idea of a security risk tends to be a personal thing.
    10:26 PM Wednesday; June 4, 2008

  • IChat screen sharing security/encryption

    I'm going to be using iChat for the first time and want to use the screen sharing feature between two computers running 10.6. iChat's documentation says:
    "While every screen sharing connection uses encryption, the highest level of security requires both participants to have MobileMe subscriptions with encryption enabled. If this is the case, you will see a lock icon in the screen sharing window."
    Neither I nor the person I'm going to do screen sharing with has a MobileMe account. I'm wondering:
    1. What is the difference between the encryption that "every screen sharing connection uses" and the enhanced security allowed with MobileMe accounts? How does this compare with, say, doing VNC over an SSH connection? Is it adequate for the usual "family help desk" tasks, which may involve typing passwords?
    2. I understand that one can get a free MobileMe account which only has iChat capabilities. Does this free MobileMe account enable iChat encryption, or do I have to pay to get that?
    Thanks!

    re 1)
    I am not aware that Screen Sharing is claiming to be Encrypted in each and every connection.
    As far as I am aware it uses a modified Apple Remote Desktop engine and is a VNC connection tied together with a Audio Chat (two separate Ports/Data streams in tandem) and that a problem connecting either part will result in failure of the whole connection.
    It is claiming to be encrypted in each and every connection -- as I quoted in the original post, "While every screen sharing connection uses encryption..." This is from http://docs.info.apple.com/article.html?path=iChat/5.0/en/17157.html

  • Screen sharing security question

    I recently set up my imac to allow screen sharing from my MBP. On my iMac I randomly see the screen sharing icon appear in the menu bar despite not being connected. Is this normal?
    Also i setup security so that it should only be me that is able to connect via password to my iMac, yet there is aslo an option to connect as a guest which connects & shows the imac screen & allows me to do things.
    I thought the whole point of setting access only to me was that no-one else ( eg guest) could connect.
    i am a bit baffled here, can anyone help me out?
    TIA,
    john

    I would not consider the presence of the screen sharing icon normal. I encourage you to open terminal and run the command
    netstat | grep vnc
    the next time you see it. This will return either nothing (bringing you back to the prompt ending in $, or return a line such as this:
    tcp4 0 39 10.0.42.116.vnc-server 10.0.42.243.54233 ESTABLISHED
    In this case, my Macintosh is 10.0.42.116, and the computer connected to it is 10.0.42.243.
    By this method you can determine if there is a glitch causing the icon to appear or if there is actually a connection being made to your Macintosh.
    What you are probably experiencing with the guest account is a bit of confusion related to how Finder thinks of computers.
    The Guest/User Account is not for Screen Sharing, but for File Sharing.
    When you clicked "Share Screen..." the first time, regardless of if you connected to file sharing as Guest or Registered User, you got a box requesting "the username and password to share the screen of (computer name)." There, you probably selected remember password in keychain, and that is why you are not being prompted again, and why you are connecting to screen sharing as a guest. (You're actually connecting to screen sharing as your registered user, but you are connected to file sharing as a guest).
    To change this behavior, (on the client Mac) navigate to Applications, Utilities, Keychain Access. There, you will find an entry with a blue @ sign as an icon, and your destination PC's name. The Kind will be Network Address and when you select the line the "Where" in the info viewer panel will begin with vnc://. When you find this line, press the delete key to remove the saved password, and don't tick the "remember" checkbox again.

  • Having security issue with SL Screen Sharing

    Hello,
    Maybe I am missing some new setting in Snow Leopard that increases screen sharing security, but as it is, screen sharing is now insecure on my network.
    Prior to Snow Leopard I would log into my Mac from another without selecting the "remember this password in my keychain"... after finishing the session, I would again be asked for my password before ropening a new screen sharing session. All machines on the network were Leopard.
    Now, with all macs on the network Snow leopard, on one of the machines I can log on in the morning, work for a while, quit screen sharing, and go back in an hour and start sharing that mac's screen with no password required. Anoyone else can can do this also! I have checked the keychain on the Mac I am viewing from and there does not seem to be an entry there for screen sharing.
    On another of the Snow machines it always asks for the password, but on 2 of them, once I have started viewing another Mac's screen a password is no longer required regardless of the fact that I haven't checked that "remember password" .
    This means that after I leave a Mac from screen sharing it, someone else has full access to that machine just by clicking on the Share Screen button... unless I can close the hole somehow.
    Any ideas or a way to fix this would be appreciated.
    Thanks
    Jamy

    Hi all,
    I just upgraded to Snow 10.6.2 so through 2 separate updates, this security hole on all 3 Macs on my network exists.
    To test it I went to an office and opened a screen on another (Snow Leopard) Mac that was set up to allow users only to connect. I then quit Screen sharing, and returned 3 hours later, only to be able to open the Hard Disk window and return to that Mac's screen without any passwords required. I was very careful not to allow the Keychain to remember me.
    Since I originally posted I see another thread has begun up expressing essentially the same issue.
    I would strongly advise anyone who uses Snow Leopard in a secure environment , at least through 10.6.2, to disable screen sharing or risk unauthorized access, or monitoring, of their Macs from within their networks. Screen Sharing's security settings (if they work at all) do not work on Snow Leopard the same as they worked on Leopard.
    I have not found a fix for this in the 3 weeks since I first noticed it other than to disable it, or restart the Mac I started the session from, then it will ask for a password, but that is hardly an acceptable fix in some secure or corporate environments (akin to having to restart in order to empty the browser cache when accessing webMail lol)
    Regards,
    Jamy

  • Possible Login Screen Security Hole in Lion?

    I think that I have found a glitch in the login screen in Lion that allows a user to hack in to an account without a password! It appears to occur on Macbooks with OS X Lion and here is how to reproduce it:
    Make sure that you account is password-protected and that you require a password 5 seconds after the screen saver/sleep begins. Also, be sure that you have the default "hot corner" settngs and OS X Lion. Lastly, make sure that Finder is on the farthest left icon on your dock and that your screen saver is set to spectrum!
    Close all open windows to see your desktop.
    Now, close you Macbook lid, wait 10 seconds, and open it up. You should see a screen similar to the one shown below, but with your wallpaper & info: 
    Now forcefully (yes, forcefully) restart your Mac by pressing down command, control, and the power button at the same time.
    Wait for your Mac to start up and you should see the same screen you saw (like the image above.)
    Click in the battery/time/wifi signal/etc. area in the top right corner without mousing over the courner.
    Now, mouseover the top right corner of the screen, as it will launch some kind of odd "mission control". From there, ANYONE can control your Mac without seeing your screen. From there, mouse over where you think Finder is on the dock (in the bottom-left corner of the dock) without mousing over and corners of the screen and click it. That SHOULD launch finder on your Mac.
    The login screen should reappear! (Odd, isn't it?)
    Now, mouseover the bottom-left corner and hold esc as soon as the screen turns completely dark. If sucessful, you should see your screensaver show up. While holding esc, move your mouse around towards the bottom-right corner. You should see your cursor over top of the "wheel of doom".
    The screen should flicker and you have hacked in to your account! Funny, isn't it?
    You should see finder over top of your desktop if you located finder correctly in step 7! Cool?
    If you are not sucessful, restart the entire process from step 4 and skip steps 7-8. If it doesn't work out for you after a few attemps, give up! Let's not waste any time on hacking in to an account (unless you are a hacker.)
    Is it just me or can anyone else reproduce this? If it occurs (or not), please list your Macbook's specs and details in a reply.

    jonathan_2005 wrote:
    One of the options in the security panel permits a user to require that a username and password be entered to login once the screen saver locks your account.
    The option is "Require password to wake this computer from sleep or screen saver"
    Although one would assume that the credentials required to wake the computer is the username/password of the account that was being used when the computer went into sleep mode or the screen saver.
    Never assume
    WRONG!!! Anyone with an account on the machine can enter their username/password and wake the computer and voila that user now has control of the machine as the former user. That's right you guessed it HUGE security hole.
    Anyone with a standard user account? Are you quite sure?
    Anyone thinking that they can wake away from their machine and have the screen saver or sleep mode protect their account after a specified period of time is sadly mistaken. Anyone with an account on the machine can enter their own username and password and drop right into your account right where you left off.
    I never think that way. A more secure lock is ensured by using the screen lock feature of the keychain.
    Can you believe this stuff?
    Not sure what stuff you refer to.
    No warning, no release note to tell you of such a poorly designed "security" option.
    Would you believe that anyone can access your computer? Stolen computers are regularly started up without much problem.
    Apple please fix what must have been an oversight or at least tell people about this intentional design BEFORE they find anyone can wake the computer and become you as a user.
    You are writing to other users like yourself here, not Apple.
    I also presume you are new to the Mac world.

  • Can you confirm a security hole in file sharing?

    I have found a very annoying security hole, and I wonder if it is unique to my setup. I have my mini set up with file sharing turned on. It has 5 accounts, one administrator, rest ordinary users. My login for the administrative user on my laptop is the same as on the mini. I have not turned on "Back to my Mac."
    From my laptop I navigate to the mini using either (a) the network panel in finder, (b) the local IP (afp://192.168.0.xxx), or the global IP (afp://64.xxx.xxx.xxx). (My router is set up to forward the appropriate ports to the mini's local IP). I mount the administrative user's home directory under apple file sharing. Now I have full access to these files. I DO NOT SAVE THE PASSWORD IN KEYCHAIN. All this is as it should be.
    Now I eject the administrator disk.
    From now on (until I reboot my laptop), I can mount that same disk without a password!
    Can someone confirm?

    {quote:title=William Lloyd wrote:}This is not a security hole.{quote}
    While I can understand that some may consider Kerberos automagically creating what is essentially a keychain without the users express knowledge or consent a "feature", I definitely consider it a bug and a huge security hole.
    The kerberos ticket should not live longer then the user is actually connected to the machine. Currently, if the user clicks the Disconnect button the Kerberos ticket lives on and any future connections to that server will user that ticket. This is not what users (especially novice to intermediate) would expect. If the user clicks the Disconnect button, then they would expect that they are completely disconnected and any further connections to that server would require authentication. Otherwise they leave their machine wide open, hense the security hole.
    The other thing that makes this so nasty is that if the OS decides not to use kerberos, for whatever reason, the behavior is different. It behaves as the user would expect. Clicking Disconnect does completely disconnect you from the server and any future connections will require authentication. So at a minimum there is a dangerous inconsistency in behavior between when the OS uses Kerberos and when it doesn't. That, at a minimum, should be fixed.

  • HUGE SECURITY HOLE IN LOGIN FROM SCREEN SAVER

    One of the options in the security panel permits a user to require that a username and password be entered to login once the screen saver locks your account.
    The option is "Require password to wake this computer from sleep or screen saver"
    Although one would assume that the credentials required to wake the computer is the username/password of the account that was being used when the computer went into sleep mode or the screen saver. WRONG!!! Anyone with an account on the machine can enter their username/password and wake the computer and voila that user now has control of the machine as the former user. That's right you guessed it HUGE security hole.
    Anyone thinking that they can wake away from their machine and have the screen saver or sleep mode protect their account after a specified period of time is sadly mistaken. Anyone with an account on the machine can enter their own username and password and drop right into your account right where you left off.
    Can you believe this stuff? No warning, no release note to tell you of such a poorly designed "security" option.
    Apple please fix what must have been an oversight or at least tell people about this intentional design BEFORE they find anyone can wake the computer and become you as a user.
    Thanks,
    JH

    jonathan_2005 wrote:
    One of the options in the security panel permits a user to require that a username and password be entered to login once the screen saver locks your account.
    The option is "Require password to wake this computer from sleep or screen saver"
    Although one would assume that the credentials required to wake the computer is the username/password of the account that was being used when the computer went into sleep mode or the screen saver.
    Never assume
    WRONG!!! Anyone with an account on the machine can enter their username/password and wake the computer and voila that user now has control of the machine as the former user. That's right you guessed it HUGE security hole.
    Anyone with a standard user account? Are you quite sure?
    Anyone thinking that they can wake away from their machine and have the screen saver or sleep mode protect their account after a specified period of time is sadly mistaken. Anyone with an account on the machine can enter their own username and password and drop right into your account right where you left off.
    I never think that way. A more secure lock is ensured by using the screen lock feature of the keychain.
    Can you believe this stuff?
    Not sure what stuff you refer to.
    No warning, no release note to tell you of such a poorly designed "security" option.
    Would you believe that anyone can access your computer? Stolen computers are regularly started up without much problem.
    Apple please fix what must have been an oversight or at least tell people about this intentional design BEFORE they find anyone can wake the computer and become you as a user.
    You are writing to other users like yourself here, not Apple.
    I also presume you are new to the Mac world.

  • How secure is screen sharing?

    Hi: I have set up my MacPro 2008 to accept screen sharing for one user (me) and I access it from my MacBook Pro via airport/AP extreme (protected by WPA2 Personal) and built-in VNC. Everything works perfectly fine and just as smooth as can be expected from a Mac. My only concern is, whether the connection is safe enough such that my passwords cannot easily be intercepted, or if I need to set up an SSH connection. Any suggestions?
    Thanks.

    WPA2 offers its own encryption, so it's basically secure against anyone not on your LAN so long as they don't have (or break) you WPA2 encryption key.
    That said, you might presume that someone has breached the WPA2 encryption or otherwise gained access to your LAN, in which case the VNC login (and frame buffer data) isn't secure. In that case, what you want is to setup SSH and use the Mac firewall tools to block access to VNC from any host other than localhost.

  • Screen Sharing problem - is it a security problem?

    OK, so I'm having the same screen sharing bug with remote machines.... except when I have my VPN active. Then the remote machines work exactly as normal. With the VPN off, I get the Screen Sharing only error. Anyone who is more familiar with VPNs know what is up?
    Thanks!
    -c

    You may be interested in this helppage<br>
    http://support.mozilla.com/en-US/kb/Is%20my%20Firefox%20problem%20a%20result%20of%20malware<br>
    If you recently had a crash and have sent the crashreport to Mozilla, then you can post a crashreport ID on the forum. Sometimes we can see signs of a virus in the crashreport.

  • MS Office secretly connects to my Mac and scans my activity. How??? Security hole? Exploitable by hackers?

    I have a strange problem. All by itself it's not so serious, but it concerns me that it reveals a security hole which can be exploited by hackers.
    I may be over-reacting, so any reassurance or explanation would be appreciated.
    Here's the situation:
    I have a MacBook Pro running OSX 10.6.5. I also have a new MacBook Air also running 10.6.5. I recently used Migration Assistant to move all my applications from the MacBook Pro to the MacBook Air. The migration worked fine with one very troubling exception.
    One of the applications that got migrated was MS Office 2008 (MSWord, Excel, etc.). When I just had my MacBook Pro, MS Office worked fine. Also, now, if my MacBook Pro is turned off and I'm just using my Air, MS Office again works fine.
    HOWEVER...if I have my MacBook Pro open and running MS Office on it, and then I simultaneously open my Air and try to launch MS Office, I get an error message that says
    "Microsoft Office 2008 for Mac cannot start because Microsoft Office is already in use.
    An office program is being used by Apple Mac. Your installation exceeds the number of installations permitted by the license agreement."
    However, if I then "Quit" MS Office on the Pro, and then try to launch it on the Air, I don't get the error message, and it works as normal. The same thing happens if I switch computers -- if it's running on the Air first, then I can't launch it on the Pro. Basically, only one of the computers can run MS Office at any one time.
    Now, the issue about the MS license agreement is not what concerns me -- I guess the version of MS Office I bought back in 2008 was only supposed to be installed on one single computer, and never migrated to a new computer (I eventually plan to use the Air full time and retire the Pro). I'm probably going to get a newer version of MS Office eventually anyway, and also I almost never use both computers at the same time, so I'm not worried about being unable to use MS Office on both computes simultaneously. No, what worries me is this:
    How does MS Office on one computer even know that my other computer is running and has MS Office open?
    I'm not an expert on networks and sharing and connectivity and all that, so excuse me if I use inaccurate terminology, but...:
    Both computers connect via AirPort to a cable modem and thus share the same wifi hotspot to connect to the internet.
    But as far as I can tell, the two computers are not "connected" to each other. In the System Preferences for both computers, in the "Sharing" panel, all File Sharing is off. Also, none of the sharing boxes are checked.
    Neither computer shows the hard drive of the other on its Desktop. If I wanted to, I could use Finder's "Go" menu, choose "Connect to server," then "Browse," then find the other computer, double-click on it, type in the admin password, and then connect the two computers. But I haven't done that, and MS Office is able to see what the other comoputer is doing, even when they aren't connected in any way (as far as I can tell).
    I find this pretty disturbing. How in the world does the MS Office on one computer even know that the other computer exists? Furthermore, how does it know that the other computer is on and running? And lastly and more importantly, how does it know which programs are running on the other computer?
    One extra detail: in order to try to diagnose this odd behavior, I installed a program called "Little Snitch" which monitors all network activity and notifies the user whenever any malware programs or other sneaky behind-the-scens apps try to send data over your connection without your knowledge. Little Snitch seems to work great but when I test the problem after installing it, Little Snitch did not even detect or report that MS Office was doing any surreptitious network snooping. So whatever MS Office is doing, it's doing it pretty sneakily.
    Here is my worry: Could a hacker somehow exploit this capability of MS Office to monitor activity on my computer without my being aware of it? Or could someone re-adapt this snooping code from MS Office for more nefarious purposes?
    Or am I completely misapprehending the situation somehow?
    Any  reassurance or explanation would be greatly appreciated! Thanks.

    But my question is: How does the software do that?
    It scans the local network for computers trying to "share" software that is only supposed to be licensed for one computer. I can't give you a technical answer, I can just tell you that's what it's doing.
    then what's preventing less ethical coders from deploying similar but more sinister malware with the same capability?
    Nothing. Any vendor of any software, from a one person shareware or freeware app to a company the size of Apple, Microsoft or Adobe could sneak in damaging code. Any company that wants to stay in business though would never allow it.
    In a typical software company (particularly larger ones), you have not only the people who write the code, but also system analysts who review the code looking for flaws or anything else that shouldn't be there.
    Now I have the fear that if I'm using a wifi hotspot in a cafe or wherever, someone else with hacking skills on that same hotspot could basically see what I'm doing on my computer, without my knowledge.
    The software to pry (they hope undetected) into other folks' computers on an open network like that has been around for years. That's why you at least need to have your firewall enabled when using a wifi hotspot.

  • Is it possible for multiple users to use a "generic" account simultaneously without screen sharing?

    Hey and thanks for checking out the thread.
    I am wondering if it is possible to have users use a generic account at the same time without any sort of screen sharing.
    I have set up a generic user account (for example useraccount, password 1234) for users to use in the time before I can set up a custom user name for them. However, I have run into some issues with this.
    When multiple users log on using this generic account, their applications seem to be shared on each screen. In the room with multiple Mac workstations, if someone starts working on Photoshop, Photoshop will open on every one elses screen who is logged on under that generic account.
    Is it possible for users to log on using a generic network account and have their own isolated work environment or is this sort of sharing a feature? I am new to Mac servers and am not sure.
    Thanks for reading the thread.

    That shared-account approach seems impractical for the various reasons you've identified, as well as the inevitable issue of cleaning up the detritus that'll inevitably build up in a shared account, and for the lack of accountability for activities occuring under the shared account for both auditing and security, and sharing directories would tend to introduce obscure conflicts around which-file-version-wins file updates when the same file is used in several places, and would probably be contrary to any per-user application software licensing agreements that might be involved.
    Put another way, get unique accounts created for folks, and work toward the ability to create accounts for arriving folks, and — if it's applicable here — talk to management about getting any per-user software licensing issues sorted out, whether that's having spare copies purchased and ahead or some advanced notice on accounts, or establishing group software licensing where that's available.
    AFAIK, there are tools around which can automate account creation, too.  Either generic, a tool such as Passenger, or it's certainly feasible to script the account creation sequence.
    Trying this shared-access generic-account approach just looks like it can create more work and more hassles and more effort to me...

  • Screen Sharing and Virtual Desktop

    Is there a way to force a new remote screen sharing connect to a "Virtual Desktop"?
    In my experience, if another user is logged into the computer the new remote screen connection will be forced or given the option to connect to a virtual desktop. This will allow the new connection to run in the "background" without the first connection being influenced.
    The issue is when a new remote connection is initiatied and no other connections are active the new connection will be shown on the computer's hardware monitor. i.e. No option is given to connect via a virtual desktop.
    This is a security issue because a user can connect remotely and if he is the only connection on the computer he will have all his work shown on the hardware display.
    I am hoping to find a way to force all remote connections to be on virtual desktops.

    I guess its worth mentioning that although you can indeed screen share from Leopard to Tiger, it only works when you are on the same network. But Remote Desktop works across the internet...
    Of course the trick to using Remote Desktop from a truly "remote" location elsewhere on the internet is that you have to be able to reach the IP of the computer you want to control, which can be tricky if its behind a NAT and the person your trying to reach is my Mom who has no idea how to configure her NAT, or firewall, or even find her IP address without my help.
    Screen sharing Leopard to Leopard via iChat should be much more straight forward... translation: this will make my life much easier the next time my mom needs help.

  • Screen sharing and the existing plug-in

    I'm thinking about building a nice e-learning solution but
    screen sharing is essential. Can someone explain to me why it's
    technically impossible to use the screen sharing api like it is
    being used by ConnectNow? I don't mind that my users will have to
    download the plug-in just like the ConnectNow users have to do.
    Given the fact that CoCoMo is a hosted service it should be good
    for the Adobe business and the technology is already
    there...

    Nothing (or almost nothing) is technically impossible :)
    The problem here is the addin has access to the client system
    resources (screen and keyboard) and so for security reason it only
    runs signed applications (and the only application we sign today is
    ConnectNow).
    In order to enable SDK applications to run in the addin we
    should either forego the signing (not an option :) or we get into
    the business of validating and signing developer applications, with
    policies possibly even stricter than Apple AppStore :)
    We have some other ideas on how to offer this functionality
    but right now are just ideas, but we understand that this is a
    feature very appealing to many of you and and it's high in our list
    of most requested features.

  • Screen sharing doesn't work in Yosemite

    Screen sharing gives this message on my iMac :
    Process:          
    Screen Sharing [46463]
    Path:             
    /Volumes/*/Screen Sharing.app/Contents/MacOS/Screen Sharing
    Identifier:       
    com.apple.ScreenSharing
    Version:          
    Build Info:       
    RemoteDesktop-3009915~3
    Code Type:        
    X86 (Native)
    Parent Process:   
    ??? [1]
    Responsible:      
    Screen Sharing [46463]
    User ID:          
    502
    Date/Time:        
    2015-01-27 13:31:28.148 +0100
    OS Version:       
    Mac OS X 10.10.1 (14B25)
    Report Version:   
    11
    Anonymous UUID:   
    7E87A766-A68F-42AB-5776-3EC4CEE0DBC9
    Sleep/Wake UUID:  
    E9049456-0F35-432F-A16C-0C7313FDA6B0
    Time Awake Since Boot: 1300000 seconds
    Time Since Wake:  
    3100 seconds
    Crashed Thread:   
    0
    Exception Type:   
    EXC_BREAKPOINT (SIGTRAP)
    Exception Codes:  
    0x0000000000000002, 0x0000000000000000
    Application Specific Information:
    dyld: launch, loading dependent libraries
    Dyld Error Message:
      Library not loaded: /System/Library/PrivateFrameworks/ScreenSharing.framework/Versions/A/ScreenShar ing
      Referenced from: /Volumes/*/Screen Sharing.app/Contents/MacOS/Screen Sharing
      Reason: no suitable image found.  Did find:
        /System/Library/PrivateFrameworks/ScreenSharing.framework/Versions/A/ScreenShar ing: mach-o, but wrong architecture
    Binary Images:
    0x8fe0c000 - 0x8fe3fe03  dyld (353.2.1) <EBFF7998-58E8-32F5-BF0D-9690278EC792> /usr/lib/dyld
    0x92b00000 - 0x92b00fff  com.apple.Carbon (154 - 157) <5A078967-8437-3721-A6B1-70CC00461D7B> /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
    0x9323b000 - 0x933ffff3  com.apple.QuartzCore (1.10 - 361.11) <9CED60CF-9B7F-3288-A7E9-3AE087F9E076> /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
    0x9376c000 - 0x939e8ff3  com.apple.security (7.0 - 57031.1.35) <4721C22E-D6C2-3202-B80D-5E67169466D2> /System/Library/Frameworks/Security.framework/Versions/A/Security
    And a similar message on my MacBook Pro

    same here on a 2010 macbook pro. i routinely use screen sharing to access that MBP from a 2010 mac pro. but ever since installing lion on the MBP (now 10.7.1), i'm asked for my "Kerberos password" -- and i've never even heard of such a thing.
    so far, googling this has not led to anything helpful.
    i love my macs, but stuff like this that impedes our productivity is a monumental drag (to say the least).

Maybe you are looking for