Looks like overworked devs did some pretty bad practice with certs, not as big of a deal as people are making it out to be. hackaday.com/…/this-week-in-security-forksquattin…
Comment on Rustdesk's lesser known features
fleem@piefed.zeromedia.vip 3 weeks ago
didn’t i hear some off-putting shit about rust desk kinda recently?
queerdo@lemmy.blahaj.zone 3 weeks ago
passenger@sopuli.xyz 3 weeks ago
I would not touch it, seems very sketchy, and with this sort of program you need total trust
ISOmorph@feddit.org 3 weeks ago
What’s the sketchy part tho?
passenger@sopuli.xyz 3 weeks ago
It seems they were trying to hide the app being Chinese, added a trusted certificate on your machine wkthout prompting, complaints about not really being open source, etc. It doesn’t look very good to me at this point.
Search around a bit and you will find these issues being raised by people, at the same time the answers fron the team seem very dismissive and amount to please no politics here.
Check the wikipedia page edits as well, weird stuff. I don’t like weird stuff when choosing a remote control software.
Rather paying Anydesk than using this. At this point at least.
queerdo@lemmy.blahaj.zone 3 weeks ago
I did some digging and there’s no real basis for most of these claims. The company seems to be backed by a weird commercial OSS VC, with a founder with a hand in crypto bullshit, but that doesn’t mean that the application is insecure. Also, for what its worth, I couldn’t find any links to China outside of the rendezvous server thing.
I checked the wiki page edits - not sure which one you’re referring to but I didn’t see anything malicous or suspicious.
This article summed it up well hackaday.com/…/this-week-in-security-forksquattin…
TL;DR it’s not an issue
rtxn@lemmy.world 3 weeks ago
If this is as significant an issue as you imply, please link some credible sources.
BCsven@lemmy.ca 3 weeks ago
Binary blobs