Screen Sharing Insecure

When I ran a screen sharing session with a friend, he had control of my screen. I couldn't find an option to limit access to my system while screen sharing. Anyone know where it is? Or does apple still have to implement some form of option for that?

Soundman5 wrote:
When I ran a screen sharing session with a friend, he had control of my screen.
I couldn't find an option to limit access to my system while screen sharing.
that's just what screen sharing is for. if you don't want it, disable screen sharing in system preferences->sharing or keep it enabled but don't give out your password to friends.
Anyone know where it is? Or does apple still have to implement some form of option for that?
I'm not sure what you mean. when someone is sharing your screen you get a scrrensharing menu icon and you can stop a screen sharing session from there. is this what you are asking?
Message was edited by: V.K.

Similar Messages

  • Having security issue with SL Screen Sharing

    Hello,
    Maybe I am missing some new setting in Snow Leopard that increases screen sharing security, but as it is, screen sharing is now insecure on my network.
    Prior to Snow Leopard I would log into my Mac from another without selecting the "remember this password in my keychain"... after finishing the session, I would again be asked for my password before ropening a new screen sharing session. All machines on the network were Leopard.
    Now, with all macs on the network Snow leopard, on one of the machines I can log on in the morning, work for a while, quit screen sharing, and go back in an hour and start sharing that mac's screen with no password required. Anoyone else can can do this also! I have checked the keychain on the Mac I am viewing from and there does not seem to be an entry there for screen sharing.
    On another of the Snow machines it always asks for the password, but on 2 of them, once I have started viewing another Mac's screen a password is no longer required regardless of the fact that I haven't checked that "remember password" .
    This means that after I leave a Mac from screen sharing it, someone else has full access to that machine just by clicking on the Share Screen button... unless I can close the hole somehow.
    Any ideas or a way to fix this would be appreciated.
    Thanks
    Jamy

    Hi all,
    I just upgraded to Snow 10.6.2 so through 2 separate updates, this security hole on all 3 Macs on my network exists.
    To test it I went to an office and opened a screen on another (Snow Leopard) Mac that was set up to allow users only to connect. I then quit Screen sharing, and returned 3 hours later, only to be able to open the Hard Disk window and return to that Mac's screen without any passwords required. I was very careful not to allow the Keychain to remember me.
    Since I originally posted I see another thread has begun up expressing essentially the same issue.
    I would strongly advise anyone who uses Snow Leopard in a secure environment , at least through 10.6.2, to disable screen sharing or risk unauthorized access, or monitoring, of their Macs from within their networks. Screen Sharing's security settings (if they work at all) do not work on Snow Leopard the same as they worked on Leopard.
    I have not found a fix for this in the 3 weeks since I first noticed it other than to disable it, or restart the Mac I started the session from, then it will ask for a password, but that is hardly an acceptable fix in some secure or corporate environments (akin to having to restart in order to empty the browser cache when accessing webMail lol)
    Regards,
    Jamy

  • Screen sharing is not listed in system prefernces?

    hi, I am trying to setup screen sharing so I can use my computer from iPod with vnc,
    I know I need to enable screen sharing from system prefs. But it wont give the option.
    this is what's listed:
    personal file sharing
    windows sharing
    personal web sharing
    remote login
    FTP access
    apple remote desktop
    printer sharing
    xgrid.
    but not screen sharing

    No BDAqua, Remote Login is for ssh, screen sharing is another name for VNC, and to start the built in Tiger VNC server enable Apple Remote Desktop, check out the "Access Privileges" screen and tick at least one user and the "VNC viewers may control screen with password" option choosing a strong password. You may then have to do some port forwarding/firewall configuration depending on your setup. There is also a free highly regarded VNC server called Vine Server which gives you more options, and is IMHO less buggy. Be aware however that VNC is inherently insecure unless you do it via an ssh tunnel.

  • IChat screen sharing wireless, need help

    I have a workbook pro, my son has a workbook. when at my house Ichat works great. we are able to I-chat all features. however... not much point if we are in the same room.
    When he goes home we are no longer able to screen share. and we can not screen share when we are both at his house. I need this feature to work (or one like it) I teach him math and we are planning on using the bamboo pad to write equations we can both see (he has a pad too.)
    I am sure that the problem is differing setups with our wireless routers. he is using a motorola wirless router, I am using a linksys. (the motorola was originally mine, then I went heterogenous since I was also using a linksys print server and a linksys range expander (no longer in use)
    where do I start looking?

    Hi,
    Welcome to the    Discussions
    In the set up pages of the Linksys go to the Administration page.
    Enable UPnP (Disable any Port Forwarding, Port Triggering or DMZ in Games and Applications)
    In Security make sure the Block to Anonymous Pings is Off and also that the Firewall is Off.
    If the Motorola routes then get him to do the same at his end.
    iChat 4 uses 20 ports. One of these is Random - the one that handles the Screen Sharing part.
    Port Forwarding and port Triggering cannot handle this random port and DMZ is too insecure.
    8:53 PM Friday; August 21, 2009
    Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"

  • Screen sharing privacy....?

    Is there any way to lock the remote screen?  Our security admin will not allow VNC on our VPN for Mac screen sharing as screen on controlled Mac turns on and anyone can watch what you are doing.  Any ideas?  Guessing may need to install Third Party software.
    Thanks in advance.
    Andrew

    I don't have an answer to that question, but your security admin really ought to be aware that having untrusted people around machines with sensitive data is inherently insecure.  If the concern is that janitorial staff or whatnot may be able to get access to sensitive data after hours, note that they could do that already with nothing more than a hard drive containing Mac OS X, unless the data is encrypted somehow.  The same would be true of Windows.
    So if your admin's concerns are justified, you obviously need something more secure than screen sharing, but you also need some form of encryption in place, if you don't already.

  • Screen sharing and multiple users

    I have an iMac at home that is used by multiple family members. I have multiple logins enable so it is common to have 2-3 accounts logged in at once. I would like to use screen sharing to connect to my account even when one of the kids is logged into their account.
    I started by looking at the vnc processes. There is one process that run as root:
    root 21792 0.0 0.0 2437128 1736 ?? Ss 12:25PM 0:00.02 /System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Su pport/RFBRegisterMDNS
    Then there is another process for each person logged in:
    username 22006 0.0 0.3 2734876 13964 ?? S 12:33PM 0:00.29 /System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Ma cOS/AppleVNCServer
    So I have two questions. One is how can there be three processes running that listen on the same 5900 port at the same time and how does it decide which one to connect a vnc client to? My second question is how can I prevent the AppleVNCServer process from starting for each user. I've tried killing those processes but they respawn immediately.

    Hi
    Thank you for your answer. Sorry to have been unclear - I'll give it another go :o)
    Here is what I am trying to do:
    I have 2 users (Plex and Ursus) that I want to have logged on at the same time. Plex will be "in the front" i.e. that is the screen that is seen if you are at the mini. Ursus is a user that is logged on but you cannot currently see (i.e. in the back as it where). I would like to work using the user Ursus (to, for example, rip a movie from a DVD (that I own of course :o).
    Using file sharing would mean that I have 2 machines running and that I need to copy all the files from the one machine to the other, not exactly what I want but manageable.
    I have managed to get this "partly" working - I am using Vine Server for Mac (http://www.testplant.com/products/vineserver/OSX) which allows me to start a VNC server on e.g. port 5901 and then screen share to that session. If I setup the second user (Ursus in this case) to use this server then I can connect to the "back" user. The only problem being that Vine Server seems to crash with Plex - as soon as I start it Plex just hangs and randomly crashes!
    Was that clearer?
    Thanks again
    Ursus

  • Airport Extreme is allowing access to screen sharing, file sharing from external IP addresses (some from China, Canada etc)

    How to get control over the ports/port forwarding etc in Airport Extreme?
    How to make AE drop packets to certain ports from external ports.  Or create whitelist/blacklists?
    I figured out where the MAC filtering is!  (It is inside the Timed Access Control).  I wish it had a list of connected device and allowed me to select, name and add them.
    I am getting requests from Chinese IP to the screen sharing ports forwarded to my iMac.  Had requests to other ports as well.  There was one IP address from CANADA too.
    I want to open file sharing for local use only.

    Why is Airport Extreme forwarding requests for screen sharing from external ip addresses to my imac?  I don't have a public address, nor use dynamic dns service, and I have removed the server app (at least I think I have, but Apple Store doesn't think so).

  • Can I display EyeTV's live TV over HDMI-out and be able to see my desktop using screen-sharing on a headless mac-mini used as a media-box?

    Hi,
    I'm thinking of buying a new mac-mini to replace my current one which acts as an iTunes server and records TV programs using eyeTV. I connect using screen-sharing/VNC to be able to do stuff on it (like handbrake etc.)
    I have eyeTV with a satelite receiver and I want to change the setup so that:
    - the new mac-mini continues to work as an iTunes server (and handbrake workhorse)
    - I can use the HDMI output (inc. audio) to show eyeTV's live TV full-screen app
    - I can connect using screen-sharing/VNC to the mac-mini and see my normal desktop to be able to maintain it etc. but this is a headless display (no screen is connected to the display-port).
    - recorded media I'd play through the appleTV2 still + rentals etc. unless anyone knows if eyeTV software can offer up iTunes content? I don't like the eyeTV recordings in general as it seems very slow to me for access when there are lots of recordings and wouldn't be available in other apleTVs in the house AFAIK.
    The main benefit that this gives me is that I'd no longer need a seperate satelite box to watch live TV and can add more eyeTV hardware to get additional TV channels all through the same HUD on the TV for ease of access.
    Does this seem possible in theory & practice (ie are there any gotcha's to consider?)
    - can I force the HDMI output resolution to 1080i as I go via an amp to the TV and the appleTV2 drops to low-res in this configuration so I have had to find a workaround for that.
    - does the mac-mini have IR input that can be programmed?
    - Does eyeTV software remain stable for long periods?
    - Does the HDMI out have any handshake issues that would need a reset of the display (somehow)?
    thanks in advance for any thoughts/contributions
    Lee

    I think the easiest way to do this is to have the EyeTV app running in one user account and sent via HDMI to the TV, and use a separate user account for Screen Sharing. Both logins can be active at the same time and with Lion you can connect via screen sharing to which ever login you need.
    With regards to the Mac video resolution changing, when it is not the current input on your AV receiver. This is 'normal', if the Mac sees no signal it drops down the a lower level. What you need is to buy a HDMI Detective Plus which tricks the Mac in to always seeing a signal and hence it will not drop down the resolution. See http://www.gefen.com/kvm/dproduct.jsp?prod_id=8005
    The Mac mini does have an IR receiver. This can be used with the EyeTV app, iTunes, and similar. Yes I believe EyeTV would run for prolonged periods quite happily, it is has been around for a long time and had most of the rough edges polished off. However one issue you will have to deal with is that it does not automatically update its program guide data. For this you might have to write or modify an AppleScript. Elgato support or their user forums will be a lot of help.
    You can set EyeTV to convert recordings to an iTunes (Apple TV) compatible format and then delete them from EyeTV.
    The HDMI Detective should solve your handshaking problems.

  • Screen-Sharing and Internet-Sharing via same network connection

    Hello out there,
    I'm using a TiBook (G4 867MHz) and a MacBook Pro 17". They are connected via a WLAN-router. Additionally the MBP is connected to the internet via an UMTS-connection established with a Merlin 870XU type PC-card.
    Network is working fine, including screen-sharing. Also the internet connection on MBP works without error. But if I activate Internet-Sharing via WLAN to get my TiBook connected to the internet, the MBP connection to the WLAN is cut off.
    Can somebody tell me what's going wrong and how to solve it?
    Greetings from good old Germany
    Ansgar

    Hello out there,
    I'm using a TiBook (G4 867MHz) and a MacBook Pro 17". They are connected via a WLAN-router. Additionally the MBP is connected to the internet via an UMTS-connection established with a Merlin 870XU type PC-card.
    Network is working fine, including screen-sharing. Also the internet connection on MBP works without error. But if I activate Internet-Sharing via WLAN to get my TiBook connected to the internet, the MBP connection to the WLAN is cut off.
    Can somebody tell me what's going wrong and how to solve it?
    Greetings from good old Germany
    Ansgar

  • How do I speed up my Screen Sharing experience?

    Hi. Apologies if this has already been answered, but I couldn't find post that matched. Anyway, I have set up Screen Sharing on my iMac so I can run it with my eMac (running Tiger 10.4.11). It all works fine except the response is a bit slow - that is to say the refresh rate doesn't make it workable if I'm working in image editing or whatever, in fact even just moving open windows around there's a noticeable lag in response time.
    I think I should mention that both computers are networked via ethernet cables - not wirelessly - so the response is as good as I can get it at the moment.
    I did hear somewhere that if I had an 'N' speed Router (as opposed to the standard 'G' speed) then this would improve the speed noticeably. Is that right? Also, my iMac is equipped with a 10/100/1000 Base T ethernet port, whereas my eMac is only the 10/100 variety. Will this make an 'N' speed router pointless. I just want to know before I waste money on something that'll make no difference really.
    Thanks
    Simon
    Message was edited by: Simon Bramley

    If you are using ethernet to ethernet connection, then 802.11g vs 802.11n WiFi does not matter.
    The slowest ethernet connection will be the limiting factor, so the eMac's ethernet port is the controlling factor for transfer speeds.
    If you want to experiment with a different VNC client and server, you might try installing Vine Server (aka OSXvnc) on the Mac to be controlled, and then use Chicken of the VNC as the client on the Mac you are sitting at. This pair of VNC client and server are very good at compressing the screen data to maximize network bandwidth.
    The next trick you could try is to tell Chicken of the VNC to use less colors. CofVNC -> Connection -> Connection Profiles -> Default Profile -> Color. Try "Thousands of Colors" first, then maybe "256 Colors" although 256 is going to look very Andy Wohl'ish

  • Screen Sharing/network problem seems confined to 1 volume. What's the fix?

    I am having a networking problem on one of the volumes of my multi-volumed, three-Mac local area network, and I need a networking guru to identify the specific software file(s), application(s), or system configuration that is the cause of the problem. I have already spent several hours checking and re-checking the various hardware and system preference settings involved, and I have narrowed the problem down to a software corruption issue and/or system configuration issue on one volume.
    I now need someone to identify specifically what the nature of the problem is, and how to eliminate it. I am not looking for a sledgehammer solution that says I should re-install all of the Mac OS X software on the problem volume. That may be held in reserve as a last resort. I'm looking for a more elegant approach, one that points out the specific corrupt files to remove without disturbing everything else.
    Here's some background to set the context. I have a MacBook Pro laptop; a PowerMac iMac G5; and a PowerMac G4 hooked up in a network. All are running Leopard 10.5.8. All have file sharing and screen sharing enabled. Besides being able to connect to each other using registered users, my goal here is for each of the Macs to be able to share the screen of the others upon my demand. Since each of the 3 Macs can theoretically share the screens of the other 2, that makes a total of six possible connections. Five succeed; one does not. That's the problem. I am trying to determine why the iMac G5 cannot share the screen of the MacBook Pro.
    The iMac G5 has no problem sharing the screen of the PowerMac G4. That connection is fast and immediate. But, every time that I hit the Share Screen button on the iMac G5 to try to connect to the MacBook Pro, I get a window with the blue barber pole spinning for two or three minutes as it is allegedly "Connecting to Mac Book Pro," followed by a window with a headline telling me that "Connection Failed to MacBook Pro." The text within that window goes on to say: "Please make sure that Screen Sharing (in the Sharing section of System Preferences) is enabled on the computer to which you are attempting to connect. Also make sure that your network connection is working properly."
    Well, as I indicated, the PowerMac G4 has no problem sharing the screen of the MacBook Pro, so the Screen Sharing settings on the laptop are correct; and the iMac G5 can share the screen of the PowerMac G4, so its network connection is working properly in that regard. It is only in regards to sharing the screen of the MacBook Pro that the iMac G5 is not working properly.
    The reason why I say that the issue must be unique to the one volume in question, let's call it "iMacG5 Music," is that another Leopard volume on the same computer has no problem whatsoever in sharing the screen of the MacBook Pro. Whenever I boot up in that volume, let's call it "iMacG5 JMB," it makes a network connection with a registered user name immediately, and it is able to share the screen of the MacBook Pro within a second of my issuing the command. In sharp contrast to the success of the iMacG5 JMB volume, the iMacG5 Music is unacceptably slow (several minutes slow!) in making a network connection with the MacBook Pro, and it always fails to share the screen of the MacBook Pro, preferring instead to take about three minutes to attempt the connection, before announcing its failure.
    Since the iMacG5 Music volume makes an immediate network connection to the PowerMac G4, as well as sharing the screen of the PowerMac G4 the moment I ask it to, I have concluded that the hardware of the iMac G5 is just fine. The problem seems confined to the system software and/or associated networking files that are unique to the iMacG5 Music volume. I just don't know what those files could be, or where the problem lies, so I've issued this call for help.
    Let me add one more little twist to this puzzle which baffles me even more. I use external LaCie Firewire drives as clone backups of my Macs. As part of my trouble-shooting process, I booted up from the cloned versions of the iMacG5 JMB volume and the iMacG5 Music volume. What I learned surprised me!
    The iMacG5 JMB clone worked just fine in making a fast network connection to the MacBook Pro, as well as sharing the screen of the MacBook Pro. I expected that. What I did not expect was that the iMacG5 Music clone was also able to make a fast network to the MacBook Pro, as well as share its screen!
    Yes, that's right. It's weird! Screen sharing works OK when I start-up from the clone of the iMacG5 Music volume, but it does not succeed when I boot up on the source itself! I was surprised to find that out, but I'm glad I did.
    (Over the past few days since I executed the last clone, I did use Drive Genius to de-frag the source volume, and maybe that has contributed to the problem I am now encountering. But it's hard to say, since nothing else seems to be amiss.)
    One solution, I suppose, would be to sync the clone back to the source. But, before I do that, I'm just wondering if anyone has a clue as to the nature of this problem on the source volume and what I might do to remedy it—short of re-installing the system software or restoring from the clone. Anyone have any insight to this problem?

    CORRECTION #2:
    Ignore the previous "CORRECTION" post.
    Oops, excuse me, I wrote that sentence correctly the first time.
    I was trying to point out that the ability of the iMac G5 computer to connect quickly and effectively to the PowerMac G4 when booted up into the iMacG5 Music volume was an indication (to me, anyway) that there is nothing wrong with the computer's hardware, nor its network connection ability, but that the problem lay somewhere in the files/settings used to connect to the MacBook Pro, which it cannot accomplish.
    This is what happens when I get engrossed in one of these technical morasses and it ***** me into its vortex all through the night... time for bed.

  • Can you use screen sharing outside of your local network?

    I've been poking around with the "screen sharing" in osx Lion. I have a few questions about it.
    Firstly, is the built-in screen sharing only accessible through the finder?
    Also, is it only available on local networks? I've gotten it to work on two computers on the same network. But, can I use in the built-in screen sharing to look at my work iMac while I'm at home on my Macbook? Or would I need a full VPN client to do this? (Although isn't there built-in VPN compatibility in Lion?)
    Thanks!

    Go here..
    https://discussions.apple.com/message/16439571#16439571
    ... and read my post explaining the different ways to share your screen.  Things should be a little clearer for you, I hope.
    Bob

  • Is it possible for multiple users to use a "generic" account simultaneously without screen sharing?

    Hey and thanks for checking out the thread.
    I am wondering if it is possible to have users use a generic account at the same time without any sort of screen sharing.
    I have set up a generic user account (for example useraccount, password 1234) for users to use in the time before I can set up a custom user name for them. However, I have run into some issues with this.
    When multiple users log on using this generic account, their applications seem to be shared on each screen. In the room with multiple Mac workstations, if someone starts working on Photoshop, Photoshop will open on every one elses screen who is logged on under that generic account.
    Is it possible for users to log on using a generic network account and have their own isolated work environment or is this sort of sharing a feature? I am new to Mac servers and am not sure.
    Thanks for reading the thread.

    That shared-account approach seems impractical for the various reasons you've identified, as well as the inevitable issue of cleaning up the detritus that'll inevitably build up in a shared account, and for the lack of accountability for activities occuring under the shared account for both auditing and security, and sharing directories would tend to introduce obscure conflicts around which-file-version-wins file updates when the same file is used in several places, and would probably be contrary to any per-user application software licensing agreements that might be involved.
    Put another way, get unique accounts created for folks, and work toward the ability to create accounts for arriving folks, and — if it's applicable here — talk to management about getting any per-user software licensing issues sorted out, whether that's having spare copies purchased and ahead or some advanced notice on accounts, or establishing group software licensing where that's available.
    AFAIK, there are tools around which can automate account creation, too.  Either generic, a tool such as Passenger, or it's certainly feasible to script the account creation sequence.
    Trying this shared-access generic-account approach just looks like it can create more work and more hassles and more effort to me...

  • How can I set up a screen screen sharing VNC at a resolution higher than display?

    I have a mid 2010 MacBook Pro 13in, and i have set up screen sharing to access over VNC. I want to view my mac on my 1920x1080 display hooked up to my PC. But when i do it is not full screen, it is the same resolution as my MBP. how can i run it at a higher resolution only over VNC?

    As Cvid suggests, I create my "frames" in Photoshop. Not sure about all versions, but my PS has several Actions, just for frames, and I have made a few more, with a different "look."
    I Save_As PSD, and just Import those as Footage (I do not need the capability to work with the individual Layers).
    Good luck,
    Hunt

  • Screen Sharing and scale

    I just got 2nd monitor on my home system. The system I want to "screen share" from also has a second monitor. So, when I do screen share, it only will scale to the size of my monitor. I can't grab the bottom right corner and make it scale up to span my two home monitors.
    If I turn off scale to fit available space, then I can get it to span monitors. But then, it's too big on the screen.
    Does anyone know how to "scale" it so that it spans two monitors?

    Opps,
    Just spotted something
    defaults write com.apple.ScreenSharing controlObserveQuality #
    This s not an iChat setting. It is not a .plist to do with iChat
    Most likely it is the setting for the Screen Sharing App. (see System Preferences > Sharing)
    The app can be invoked by going to the Go Menu in the Finder > GO to Server and starting the line with VNC:// (Instead of SMB or AFP)
    The app that runs this is "hidden" in /System/Library/CoreServices and not in the Applications folder.
    I take it this was the Hint ? (which says it is VNC connections = plain Screen Sharing).
    10:16 PM Tuesday; August 17, 2010
    Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"

Maybe you are looking for

  • Black PDF file in Safari and Preview

    Hi all, On our website, we have a number of PDF files. These are produced by another company. One of these PDFs shows up black (or actually dark grey; rgb(7,3,1)) when opened on a Mac in Safari or the Preview app. Opening these PDFs in Acrobat Reader

  • Problem in Purchase order version management

    Dear Guru, My Friend i have some problem in version management in Purchase order, when my user changed PO new version created, then user fill the data like reason, text, requested by but he forget about the tick mark on completed field so that PO not

  • Saved data cannot be viewed in FDF file

    Hi, I am new here, first time. I have strange problem, not sure its a design change or what. lets take this senario, we have online forms to be filled by user A. email Data function is used to email the form to User B. when user B opens the form from

  • MBP almost burning after 3 hours shut down.

    Hi, Just to share a recent and alarming experience with my MBP. And see if someone found a similar behavour. Yesterday evening I shut my MBP down aroud 18:30 (waited for black screen), placed the laptop on the backpack and around 21:30 at home (three

  • Spotlight will not fully index PowerBook used in target disk mode

    I connected my PowerBook in target disk mode to my desktop to transfer files. Quickly added the PowerBook drive to the desktop's privacy list. After restarting the PowerBook, it started indexing, but said it was finished in less than 5 minutes (about