it is a concern to me because there is no plan to do security audit despite people asked about ti in the past.
https://github.com/rustdesk/rustdesk/discussions/8392
https://github.com/rustdesk/rustdesk/discussions/4968
Not in their roadmap
https://github.com/rustdesk/rustdesk/discussions/918
people had concerns about the company:
https://www.reddit.com/r/rustdesk/comments/11nu94y/is_rustdesk_a_scam/
As HN: RustDesk Installs Chinese Root Certificates
Yeah there was enough ambiguous behaviour from them for me to decide fuck it, keep using TeamViewer for now, even though TeamViewer has their own issues not long ago…
Stop using TeamViewer. If you can’t setup your own secure self hosted remote desktop, then at least use AnyDesk.
I’m not claiming they’re perfect, or that any SaaS RD provider is good, but TeamViewer is right there with LogMeIn as the worst of a bad bunch.
What would you recommend for a self hosted remote desktop?
Others may have better, or fancier solutions, but I’m a fan VPN -> Home Network -> VNC over SSH/TLS for Linux boxes, and RDP for Windows.
Again, none of VNC or RDP ports or services are ever exposed externally, and even on the LAN, they require authentication and use secure tunnels.
Full disclosure, I haven’t used RDP in a while and I don’t know what version of SSL/TLS it comes with anymore.
I know their are self-hosted AnyDesk style options and maybe they’re better than my approach, but I’ve never used them so I can’t really speak on that.
We appreciate your concern about the security of our software, but we don’t have plans for a security audit at this time. Our open-source approach and commitment to secure coding practices are sufficient to ensure the security of our software.
As an open-source project, our code is available for anyone to review and audit. If you’re tech-savvy and concerned about security, you’re welcome to dive into the code and verify our claims for yourself.
We’re a team of experienced developers who are passionate about creating secure and reliable software. We’re asking that you trust us to do the right thing. We’ve earned that trust through our hard work and dedication to our craft. We’re not perfect, but we’re always striving to improve.
We believe that our approach is effective, and we’re not going to divert resources to a security audit that we don’t think is necessary. We hope you can understand and respect our decision.
No evidence this is anyone in the RustDesk team + shitty/possibly LLM-generated response leads me to believe this is a troll.
This must be a joke response…