![]() Company Promotionĭo you work for a company who makes ChromeOS devices or accessories? Contact us via modmail to get a verified flair.Īre you interested in introducing your products to the community through a giveaway or another means? Reach out through modmail! RulesĬLICK HERE for the subreddit rules. ![]() Would you like to be verified as an employee? Contact us via modmail. Please note that these individuals represent their own opinions when participating in the subreddit, not Google's, unless it's explicitly stated otherwise. They can be identified by their blue "Verified Googler" user flair. Enable Curtain mode for Chrome Remote Desktop. HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\UserAuthentication to 0. HKEYLOCALMACHINE\Software\Policies\Google\Chrome\RemoteAccessHostRequireCurtain to 0. You may occasionally see a Google employee comment on the subreddit. But for now I have reversed the step by changing values of the following in regedit: 1). As a lightweight OS designed primarily for web and app-based computing, it is fast, secure, and resilient to viruses and malware. I use Chrome Remote Desktop pretty much every day.Join our Discord server! What is ChromeOS?ĬhromeOS is Google's Linux-based operating system built around the Chrome web browser, complete with the ability to run Android apps and a powerful Linux VM. Under 'Processes,'look for 'Google Chrome' or 'chrome.exe.' Click it, then click End process. To see if Chromes open and force quit out, follow the steps below for your operating system. However, the thought that someone might be sitting in front of the client machine watching (or worse, hijacking) what I'm doing is a serious concern. Chrome might already running be in the background on your computer. I found the solution called "curtain mode." It makes Chrome Remote Desktop more like MS-RDP (which only shows the login screen while you are accessing it). Via Google, there are many step-by-step instructions on how to achieve curtain mode. The step calls for removing what seems to be a critical security layer around the Microsoft RDP apparatus.Įnable RDP connections to the machine by unchecking Control Panel\System and Security\System > Remote settings > " AllowĬonnections only from computers running Remote Desktop with Network.Using Regedit, set HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\RemoteAccessHostRequireCurtain.In particular, I am concerned with step 2 of this process: Steps for all Windows installations: Indeed, one of them is straight from google. What is "Network Level Authentication" ? Does it make the machine more hackable if removed? I am not entirely sure what it means or the consequences of unchecking the box. Just came across this thread and I've had my challenges with NLA, so even though this is an older issue, I thought I'd offer an answer. Network Level Authentication (NLA) is a feature of Remote Desktop Services (RDP Server) or Remote Desktop Connection (RDP Client) that requires the connecting user to authenticate themselves before a session is established with the server. ![]() Originally, if a user opened an RDP (remote desktop) session to a server it would load the login screen from the server for the user. This would use up resources on the server, and was a potential area for denial of service attacks as well as remote code execution attacks (see BlueKeep). That explains pretty well what NLA means. Now, in terms of real world security risks, I'm generally hesitant to disable it on a laptop, where I could potentially be accessing internet on an open wifi connection. If your PC is behind a firewall, on secured wifi, or on a VPN, a hacker would have to get into that network to be able to even try to access your machine. However, on an open network, it's easy to get on and sniff for IPs try and exploit. But one deal breaker for me was that Chrome remote desktop doesn't match windows resolution to the client screen resolution. This is a big deal for me since the computer I am remoting into has large dual monitors, and the Chromebook I'm getting only has a 10 inch display. On the right pane, find and double-click fDenyTSConnections. Navigate here: HKEYLOCALMACHINE > SYSTEM > CurrentControlSet > Control > Terminal Server. So, apparently I can't access my Windows 10 Pro computer from a Win7 Home laptop and successfully instantiate Curtain Mode. I had heard that 'Curtain Mode' would fix this for me. Press Win + R and then type in regedit to open the Registry Editor. They're telling me both the host and the remote machine need to be running Pro (or higher) version of Windows. Even then it only gets you as far as the windows logon screen, so it's still not a free pass, but there are some risks if you happened to encounter someone pretty malicious that knows what they're doing. I've just been back and forth with support from the Chrome team.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |