Alternatives to Remote Desktop and Win7 Home Premium?

[BonzaiDuck]

We're going through an upgrade and maintenance cycle in our home LAN.

My elderly Moms and my brother had been using old LGA-775 Wolfdale systems. Moms, being 90 next week, is the most resistant to change. I've replaced Bro's C2D system with a Z77 motherboard and a quad-core i5-3570K processor with 2x4GB = 8GB of G.SKILL RAM.

Bro had a valid OEM licensed installed Win 7 64-bit SP1. For logistical reasons, I had to keep his old PC running while building the replacement. I had an unused Win 7 64-bit SP1 Home Premium OEM install, and used it for the new system.

For any number of reasons, I need to use Remote Desktop to access the fam-damn-ily's computers, which heretofore had been configured with Win7-Pro (but I said that). I may have known that you couldn't access a Home Premium with Remote Desktop, but I didn't remember it until after the replacement system was ready.

The options: (1) Obtain the Windows "anytime/anywhere" Upgrade; (2) attempt to "upgrade" with Bro's original license and go through the telephone activation process; (3) buy another OEM Win 7 install disc/license and "upgrade" with it; and (4) find an alternative to Remote Desktop that doesn't cause complications, works reliably, doesn't compromise security and so forth.

(1) is impossible: the "Anytime" installs are no longer available. (2) is risky, for this reason: the mobo and hash-code are already registered under the Home Premium license, and the telephone activation option for the OEM "Pro" may likely fail (I'd had this combination of circumstances before). (3) costs at least $100.

I don't want to use something like "TeamViewer." I've discovered "RealVNC" by poking around other forums:

https://www.realvnc.com/products/

This would only be needed to access Bro's machine upstairs. Any advice? Misgivings? Experiences? Insights?

 

[JackMDS]

This is even better.

http://www.ezlan.net/vnc.html

http://www.uvnc.com/




😎

 

[master_shake_]

https://blog.jordanhopfner.com/2012...top-connection-on-windows-7-home-premium-sp1/

this still work?

 

[BonzaiDuck]

https://blog.jordanhopfner.com/2012...top-connection-on-windows-7-home-premium-sp1/

this still work?

Thanks for all these alternatives or options -- both of you.

I'll have to ponder which way to go on this.

In the latest development with this Home Premium install, after uninstalling Kaspersky KIS 2015, I find that the desktop gadgets we'd grown familiar with just don't work. I KNOW M$ discontinued support for gadgets, which are a security vulnerability. Before I do anything further with Bro's new system, I'll want to analyze the event logs.

We had to drop back to KIS 2014, per recommendation of their tech-support. There is a bug in the 2015 version that causes AVP.EXE to hog all the clock cycles when downloading e-mails. Until they issue a patch, and until they release version 2016 in midsummer, the "fix" is to install the 2014 version, which works fine under the new license.

Ultimately, though, I definitely need to have a Remote Desktop capability to that system. I can't be walking in and out of Bro's room to maintain his system. And frankly, I don't like walking up and down the stairs all the time for that purpose.

And thanks again, guys.

 

[jkauff]

Just like Microsoft. Outside of a corporation, the people who need remote help the most are the least likely to have Pro or Ultimate on their machines. Bass-ackward.

 

[Magic Carpet]

What's wrong with TeamViewer ?

 

[Binky]

I don't understand the reluctance to teamviewer. if you're concerned about security, use super-strong passwords, or just don't set it to run all the time. She/he will have to run it when there is trouble for you to connect.

 

[BonzaiDuck]

Just like Microsoft. Outside of a corporation, the people who need remote help the most are the least likely to have Pro or Ultimate on their machines. Bass-ackward.

That's a good point.

On the TeamViewer angle, I have no substantive reason to avoid it. But I had a "close-call" with an annoying scam which seemingly uses "employees" with Indian accents who call people to tell them they're "Microsoft support" -- that the call recipient has "problems with [his] computer." They then attempt to get the user to install TeamViewer and communicate the PIN or password, so they can "fix" the computer.

After that, I did a little research on TeamViewer and discovered it was used by IT pros in organizations to allow for diagnostic or maintenance access to another employee's computer.

Right away, the mention of TeamViewer gives me chills down my spine. You see -- I came "that close" to offering up the password. I hadn't had my coffee that morning; I was pretty groggy when we received the phone-call. I "woke up" just in time. Then we purged the computer at hand during the phone call of TeamViewer.

 

[Mushkins]

That's a good point.

On the TeamViewer angle, I have no substantive reason to avoid it. But I had a "close-call" with an annoying scam which seemingly uses "employees" with Indian accents who call people to tell them they're "Microsoft support" -- that the call recipient has "problems with [his] computer." They then attempt to get the user to install TeamViewer and communicate the PIN or password, so they can "fix" the computer.

After that, I did a little research on TeamViewer and discovered it was used by IT pros in organizations to allow for diagnostic or maintenance access to another employee's computer.

Right away, the mention of TeamViewer gives me chills down my spine. You see -- I came "that close" to offering up the password. I hadn't had my coffee that morning; I was pretty groggy when we received the phone-call. I "woke up" just in time. Then we purged the computer at hand during the phone call of TeamViewer.

They could have just as easily chosen logmein, or join.me, or gotomypc, or any of the dozens of VNC-based remote access tools for their scam. That doesn't really make Teamviewer any less of a valid solution for your issue. It's like refusing to use a hammer because someone almost broke your car window with one, the hammer is just a tool.

If anything, RDP *especially* if you're port forwarding for access from outside of your local LAN is a *much* bigger security risk.

 

[BonzaiDuck]

They could have just as easily chosen logmein, or join.me, or gotomypc, or any of the dozens of VNC-based remote access tools for their scam. (2) That doesn't really make Teamviewer any less of a valid solution for your issue. It's like refusing to use a hammer because someone almost broke your car window with one, the hammer is just a tool.

(1) If anything, RDP *especially* if you're port forwarding for access from outside of your local LAN is a *much* bigger security risk.

(1) I think I knew that from the time I recognized a need for RDP on these systems, and I've never had a need to access the LAN from "outside."

(2) Agreed.

It took my brother at least a couple years to articulate his desire to integrate his PS3 for DLNA with our home server, and another 4 months from the time I started investigating alternatives before I took an entire 5 minutes to choose the solution and make it successful.

These days I spend a lot of "contemplation" time before I actually do something that poses any change for our networked computers. I'm still mulling over the solutions to Win7-HP's lack of the RDP hosting. It's not an "emergency situation," but probably sometime this week I'll make the decision and it will probably take me less than 5 minutes to get it working.

I'd used another commercial solution precisely for remote-desktop capability before, although I forget then name of the SW outfit and the product. I can't remember whether it was because there had been some similar shortcoming with Win 2000 Pro or if it was XP instead. It only required installing the software on the host and the client, and there was never a problem with it.

One thing that interests me, though, was the hack that master_shake_ cited in the mention of the "Jordan Hopfner" blog. I'd like to have more information about that. On the one hand, it doesn't "introduce" additional software; on the other, I don't know how reliable it may be, or what experiences other folks had with it.

UPDATE: Well -- I downloaded the ZIP file from Media Fire for the "Jordan Hopfner" hack. Again -- "Media Fire" -- inspires caution, but the file passes muster with KIS 2015 "Custom" scan. There were enough User responses at the Hopfner blog to provoke optimism. I think I'll clone Bro's Win7 HP boot drive, or make a note of last-night's WHS backup before I move forward with this. The Media Fire link seems a bit stale, or the download steps seem obscure and convoluted.

I spent a few months this year cleaning up the red-bang/yellow-bang events for event-logs throughout the house, so I suppose that underlies my neurotic display of caution. "TeamViewer," "Media Fire" -- with two careless users in the house, I'm the paranoid user-administrator-whatever-you-call-it.

 

[Ketchup]

Yeah, I see the "scared" response from past experience, but all these programs rely on the recipient giving out information. If someone had forced their way in without the recipient agreeing, I would see your concern. But when people are giving out information that an unknown person is asking for, no program will guard against that.

 

[BonzaiDuck]

Yeah, I see the "scared" response from past experience, but all these programs rely on the recipient giving out information. If someone had forced their way in without the recipient agreeing, I would see your concern. But when people are giving out information that an unknown person is asking for, no program will guard against that.

Heh! Yeah! The "close-call" was a humbling experience for me. I DID miss the morning coffee, as I said. And I'd be the LAST person who would believe some unknown caller on a telephone saying that "something was wrong with MY computers . . . " The couldn't have known WHO they're kidding!! You know . . . I know . . . "Ah been aroun' for a while." If there's "something wrong" with my computers, I'm going to know it first, and I may or may not solicit second opinions here at the forums.

On the Jordan Hopfner hack, it looks like he either obtained it or took his cue from the "Missing Remote" web-site, which might inspire some confidence.

Somehow, after Gates retired from M$, I began to wonder whether any of his enlightened altruism remained there. It's a dominant firm with such a customer-base that "dominant" is just a euphemism for monopoly. And the paradox: firms in such a market position -- knowing that they could still lose market-share -- often offer less flawed product and better support. They can especially do that, because of the profitability arising from the high-ground position in the market.

I just think it's pretty cheap that they didn't offer the RDP feature in Home Premium. Like someone said: That's the version in which users might find the greatest need. When they started offering different version-levels of the latest OS, they were mimicking the big automakers with "product differentiation." It was inevitable.

 

[cubby1223]

We're going through an upgrade and maintenance cycle in our home LAN.

My elderly Moms and my brother had been using old LGA-775 Wolfdale systems. Moms, being 90 next week, is the most resistant to change. I've replaced Bro's C2D system with a Z77 motherboard and a quad-core i5-3570K processor with 2x4GB = 8GB of G.SKILL RAM.

Bro had a valid OEM licensed installed Win 7 64-bit SP1. For logistical reasons, I had to keep his old PC running while building the replacement. I had an unused Win 7 64-bit SP1 Home Premium OEM install, and used it for the new system.

For any number of reasons, I need to use Remote Desktop to access the fam-damn-ily's computers, which heretofore had been configured with Win7-Pro (but I said that). I may have known that you couldn't access a Home Premium with Remote Desktop, but I didn't remember it until after the replacement system was ready.

The options: (1) Obtain the Windows "anytime/anywhere" Upgrade; (2) attempt to "upgrade" with Bro's original license and go through the telephone activation process; (3) buy another OEM Win 7 install disc/license and "upgrade" with it; and (4) find an alternative to Remote Desktop that doesn't cause complications, works reliably, doesn't compromise security and so forth.

(1) is impossible: the "Anytime" installs are no longer available. (2) is risky, for this reason: the mobo and hash-code are already registered under the Home Premium license, and the telephone activation option for the OEM "Pro" may likely fail (I'd had this combination of circumstances before). (3) costs at least $100.

I don't want to use something like "TeamViewer." I've discovered "RealVNC" by poking around other forums:

https://www.realvnc.com/products/

This would only be needed to access Bro's machine upstairs. Any advice? Misgivings? Experiences? Insights?

You can enable remote desktop on Home Premium with an easily available patch out there.

You can also upgrade home to pro (Windows anytime upgrade) using *any* Pro key, including an oem key that you have, the key does not have to be obtained by the anytime upgrade purchase system.

If you're worried about security, you can place a cheap vpn router as a second authentication system before getting at rdp.

 

[BonzaiDuck]

You can enable remote desktop on Home Premium with an easily available patch out there.

You can also upgrade home to pro (Windows anytime upgrade) using *any* Pro key, including an oem key that you have, the key does not have to be obtained by the anytime upgrade purchase system.

If you're worried about security, you can place a cheap vpn router as a second authentication system before getting at rdp.

Unfounded TeamViewer suspicions aside, there aren't any security worries.

I'm more concerned about borking the W7-HP (OEM) activation, again -- based on some frustrating experiences. On the up side, I bought a mobo-RAM-i5_3570K bundle from its previous owner who also shipped the W7-64 Ultimate OEM disk with the board. I damaged a pin/spring on the board's socket, and then broke off its nipple trying to straighten it. The remaining parts were worth $100 more than I paid for the whole enchilada, so I chucked the board, used a (better) replacement, ands went through the telephone activation process for the Ultimate OEM license -- successfully.

In another episode, I had a branded Win-7 OEM installation. Before I discovered the cause behind certain symptoms was a combination of a bad RAM stick and a dying PSU, I did an "in-place" upgrade, but the activation somehow failed. I reached for a downloaded Win-7-64 Pro I had purchased some months earlier, and attempted to use its Product Key. That, too, failed, throwing up a message "you can no longer use this license on this machine" or something approximate. I never attempted to use the second, purchased license on another system and attempt activation.

So. I still have Bro's original Win-7-64 Pro install disc and key (OEM). I could attempt to do the upgrade you describe. I know from my "Ultimate" experience that -- by itself -- the telephone activation would work with the new hardware. But I SUSPECT from my experience with the branded disc and Win 7 download that it COULD fail.

But -- this thread shows I have a lot of unfounded suspicions. I suppose I could clone or back up the existing HP install on bro's system, and then attempt to upgrade it with his OEM product key.

And also but -- I could use the Hopfner download patch. Hmmm.

 

[BonzaiDuck]

There were enough "visitations" to this thread, I thought I might update on my resolution choices as a "public service."

Somebody else might differ, and that's fine.

-- The "Hopfner patch:" A lot of folks got this to work, some didn't, and it fails on some aspects such as "audio." I thought it was a home-grown fix, and -- without even trying it -- wondered if it was easily "uninstallable." On the positive side, it would seem the "simplest" solution for not introducing additional software. And -- it was free. But I decided against it.

-- "Anytime Upgrade," "In-place Upgrade" and OEM licensing: Someone posted that I could simply upgrade from Home Premium to Professional with an existing Pro license -- even OEM. There seems to be a lack of consensus at other sites and forums as to whether "OEM" is possible. Rather than proceed with the possibilities here, I decided to abjure upgrading from HP to Pro.

-- "Other RDP or VNC alternatives:" I'd already mentioned RealVNC, and folks pointed me to TeamViewer -- can't remember if there were other suggestions. Additional discussions over the last two years had many folks touting VNC -- some because they thought it was faster. There is also a free alternative called "TightVNC."

I finally decided to give RealVNC -- "VNC" -- a try. They offer an "Enterprise" license for $44 with a pricing scale for the number of machines connected; a "Personal" license for $30; and a "Free" or "Basic" license . . . for free.

The free version does not encrypt the connection between client and host WHILE THE CONNECTION IS ACTIVE. Nor does it provide "printing," "chat," file cut-and-paste (between host and client desktops). Those features aren't necessary for what I need it for. Further, there shouldn't be a security vulnerability for the short sessions I intend, since this all occurs behind a hardware firewall with workstation protections enabled.

If I begin to worry about security (for 5-minute remote-desktop connections within a wired Ethernet LAN) -- I can upgrade for the $30.

I'll say this, though. VNC seems very robust and quick. Further, you might find it useful for remote control of an HTPC system. While Windows Remote Desktop closes a current session on the host machine when the client logs on, VNC allows the user on the remote host to continue working, clueless to an established connection. I'd have to explore further just how accurate my statements here are, but that was also the conclusion of other users.

So far, no need to get a Win 7 Pro upgrade for the Win7 HP install -- which is "pristine" so far. With the prospects of upgrading to Windows 10 by year's end or a few months thereafter -- possibly one machine at a time -- No need to pay for more win 7 licensed Discs.

 

[joutlaw]

Unfounded TeamViewer suspicions aside, there aren't any security worries.

Do some googling on TeamSpy. TeamViewer has been patched to address this, but I can't trust them now.

 

[BonzaiDuck]

Do some googling on TeamSpy. TeamViewer has been patched to address this, but I can't trust them now.

It may be that TeamViewer use is so pervasive internationally that they chose it as a favorite base to exploit.

I like to think my record of secure practices is good. But -- knock on wood.

Certainly makes me feel good about having stuck with KIS since around 2006, though. For years, the reviews have concluded on the "cons" side about price. I get the OEM licenses or discs, using the downloads from KIS-USA. And I raised a flag in recent weeks about a bug in a 2015 version (15.0.2.xxx) that would leave CPU usage pegging at 100% until after reboot. They were all over the problem before I contacted them; the fallback version they recommended was 2014, but an earlier 2015 version is also bug free (15.0.1.415).

Now, on this other angle, it occurs to me that nothing is safe. And after seeing what RealVNC can do, that it saves me the trouble of either patching or upgrading the Win Home Premium, I think I'll shell out the $30 for the license that "secures" the connections within the LAN.

I just noticed this morning that the regular Win Remote Desktop has a brief flash-up of a message "Securing the connection . . ." which I'd never noticed before. I might as well buy the paid license.

. . . And hold them accountable if there is ever any breach attributable to the software.

And also, back to TeamViewer. I only had an intuition -- a feeling -- that I didn't want to use it despite many suggestions here. It was all a matter of my own "superstition." But it definitely became a target for the Russky hackers, didn't it?

Sometimes, a little paranoia will lead you in the right direction, anyway.

Well, time to rifle through my plastic and get that license.

 

[John Connor]

One word: Hydra.

Teamviewer is what I use. It's HIPAA compliant and uses AES encryption.

 

[BonzaiDuck]

One word: Hydra.

Teamviewer is what I use. It's HIPAA compliant and uses AES encryption.

Well, responding with my short but growing experience with RealVNC. Your observation about Hydra malware and routers -- no question.

As opposed to TeamViewer -- for which Kaspersky had exposed the TeamSpy vulnerability which has been (supposedly) fixed -- the "free" version of RealVNC offers only unencrypted connection.

So -- with the "pong" ball of our discussion banging around and pointing to different vulnerabilities -- I shelled out the $30 for upgrade. I was initially disturbed to find that the connection window still showed "unencrypted connection." Then I discovered an "options" window which turns it on.

I can only say it's fast, seems totally reliable, offers AES encryption, and has features that exceed Windows Remote Desktop.

So you could say "Dummy! Why didn't you go with the freeware?" Supposedly we're discussing those reasons. And paying for a license wouldn't necessarily assure more security -- but then again . . .?

Back to my original options: the Hopfner Patch; Anytime Upgrade; Upgrade from Win7 HP to a standalone Pro license. The latter two cost considerably more, or noticeably more, and the first of those -- it just isn't available much, except through EBay. If you bought the EBay offering, you might wonder "where it's been," who's used it or whether it's still "activation-valid." Getting beyond those suspicious little worries, there are always the short-comings of a Windows Upgrade path, requiring more tweaks to resolve "events" which turn up in the logs.

So given my misgivings about TeamViewer -- shared with one or more posters -- I'm not a "total dummy:" just a mildly spendthrifty, cautious dummy?

No problem with it, though.

 

[matricks]

TL;DR: Teamviewer wasn't the attack vector used by TeamSpy, and humans are the security risk, not software. And coffee doesn't matter.

"TeamSpy" isn't a vulnerability, it is/was a group targeting government organizations, activists and other actors in order to steal information and perform surveillance. In order to perform these activities they installed Teamviewer, a legitimate and popular remote administration tool, on target computers, along with some extras in order to alter its behavior to the groups needs (i.e. not showing warnings on the users desktop, like Teamviewer normally does).

Teamviewer itself wasn't the attack vector, the infected target computers didn't necessarily have it installed. They could have been infected in a number of ways, I haven't dug into the report to figure out how infections initially happened. Most likely some form of social engineering to make users run a malicious file, which installed Teamviewer and the groups "addons". Like your average e-mail with suspicious attachment.

You can argue that Teamviewer should be better protected against in-memory modifications, but that wasn't what opened up the targets for attack. It was just fairly convenient for the attackers - rather than write their own tool, they could make use of one that already was well known and unlikely to be flagged by antivirus software. Teamviewer is one recognized remote administration tool, RealVNC is another. The various other *VNCs also fit in here, as do Windows Remote Assistance. The attackers could have chosen any, they picked Teamviewer. RealVNC has had its own vulnerabilities, including letting unprivileged users execute code as root (administrator in Windows). That is an actual attack vector. There is little to suggest that one of Teamviewer or RealVNC is more secure than the other.

The "close-call" was a humbling experience for me. I DID miss the morning coffee, as I said. And I'd be the LAST person who would believe some unknown caller on a telephone saying that "something was wrong with MY computers . . . " The couldn't have known WHO they're kidding!! You know . . . I know . . . "Ah been aroun' for a while." If there's "something wrong" with my computers, I'm going to know it first, and I may or may not solicit second opinions here at the forums.

I don't drink coffee, and I've also been around for a while. I have yet to fall for something like the bogus Windows technical department. I haven't had the near-death experience you had either. Yes, they have called me. Multiple times. Your experience should demonstrate that the software shouldn't be your main worry. The main worry is people, and the vast amount of poor decisions people make. Most modern attacks involving software rely on some person making one or more poor decisions. The software vulnerabilities exploited would not matter in most scams, as they only matter once the user has willingly let the attackers in. Browsers and plugins (if there is any software you should worry about, Flash Player should be number one) still have vulnerabilities that can lead to silent infection via ad networks, but plenty of attacks still rely on users poor decisions, and are very successful nonetheless.

 

[cubby1223]

-- "Anytime Upgrade," "In-place Upgrade" and OEM licensing: Someone posted that I could simply upgrade from Home Premium to Professional with an existing Pro license -- even OEM. There seems to be a lack of consensus at other sites and forums as to whether "OEM" is possible. Rather than proceed with the possibilities here, I decided to abjure upgrading from HP to Pro.

I seriously did this again just last week. I needed to set up a system for someone to use as a cheapo file server. Mistakenly used my Home Premium dvd during installation, so rather than starting over from scratch, I skipped entering in the license number during the install, and when the desktop came up, immediately opened up the "Anytime Upgrade" and entered in the Pro oem license key.

 

[BonzaiDuck]

I seriously did this again just last week. I needed to set up a system for someone to use as a cheapo file server. Mistakenly used my Home Premium dvd during installation, so rather than starting over from scratch, I skipped entering in the license number during the install, and when the desktop came up, immediately opened up the "Anytime Upgrade" and entered in the Pro oem license key.

Yeah -- I've since become aware that the license key determines what features are available, but they're otherwise "already there." At least, that's the impression I got looking at other forum posts beyond Anandtech.

On the "bogus Windows Support" scam with the Indian/Pakistani accents, I'm not ashamed to say that "I came that close." One must remain vigilant. One just doesn't expect to get phone calls like that. But -- no harm. The guy kept badgering me to give him the passkey for the TeamViewer install -- I woke up -- and then told him to go **** himself and hung up.

In the age of social media, I've kept a low profile. When I jumped on the microcomputer bandwagon in 1983, it was for a desire to write my own programs to do two-stage least squares regression and other statistical methods. I would've laughed if someone suggested that "computers would be a vehicle for social communication."

But that was then; this is now . . .

Anyway -- "we're all good." Maybe I spent more than I should have, but it was still pretty much chump change. The RealVNC program has useful features. One has to actually go into an options menu to turn on the 128-bit encryption. It seems faster than Remote Desktop.

Mission accomplished.