VNC Client(s)

[Manip]

What is VNC?

VNC stands for Virtual Network Computing. It is remote
control software which allows you to view and interact
with one computer (the "server") using a simple program
(the "viewer") on another computer anywhere on the
Internet. The two computers don't even have to be the same
type, so for example you can use VNC to view an office
Linux machine on your Windows PC at home. VNC is freely
and publicly available and is in widespread active use by
millions throughout industry, academia and privately.
(from realvnc.com)


TightVNC and RealVNC at least are detected as 'spyware'
(although listed under "Commercial Remote Control"). Now,
I can understand the argument for anti-*virus* software to
detect VNC - it might even be a good idea, however my
tolerance does not stretch as fare as anti-spyware
software which should only be detecting just that,
spyware.

VNC is open source software and, as far as I'm aware, does
not come bundled with any kind of spyware or malicious
software of any kind. That is why I think this is a false
positive.

 

[Kent W. England]

Manip wrote on 10-Jan-2005 6:39 PM:

VNC is open source software and, as far as I'm aware, does
not come bundled with any kind of spyware or malicious
software of any kind. That is why I think this is a false
positive.

This has already been discussed and the reason, as clearly stated in the
details in the program, is that VNC could be installed as spyware, if
the user is unaware of its presence.

Therefore, MSAS provides an alert warning for presence of VNC, in case
the user didn't know it was running.

There should be warnings of any kind of remote control software,
including PCAnyWhere.

 

[Guest]

-----Original Message-----
Manip wrote on 10-Jan-2005 6:39 PM:


This has already been discussed and the reason, as clearly stated in the
details in the program, is that VNC could be installed as spyware, if
the user is unaware of its presence.

Therefore, MSAS provides an alert warning for presence of VNC, in case
the user didn't know it was running.

There should be warnings of any kind of remote control software,
including PCAnyWhere.

It is not the job of anti-spyware products to do this kind
of thing, it is not an anti-trojan/virus product it is
just anti-spyware... If you can find me a public spyware
product that installs VNC then I will remove my complaint.

 

[Bill Sanderson]

Here's the kb article delineating the grounds for inclusion.

If the VNC vendor feels they don't fit these guidelines and wishes to be
removed, there's a limk at the end for that purpose.

I use VNC multiple times nearly every day of the week, and I am glad it is
included.

http://support.microsoft.com/kb/892340 Microsoft Windows AntiSpyware (Beta)
identifies a program as a spyware threat (Listing criteria and Dispute
process)

Read the description. Is it accurate? Being listed by the program isn't
evidence of skullduggery or underhandedness--in VNC's case it is simply
potential for abuse. Do you feel that the defaukt choice offered by the
program, which as I recall is ignore--is appropriate?

I like the way this works, myself.

 

[Kent W. England]

It is not the job of anti-spyware products to do this kind
of thing, it is not an anti-trojan/virus product it is
just anti-spyware... If you can find me a public spyware
product that installs VNC then I will remove my complaint.

I think it is the job to remove all malware, whether or not you label it
as "spyware". So, I think it should remove trojans and keyloggers and
warn about remote control software, as well as removing adware and spyware.

 

[Guest]

One thing is telling you about it and another is not
letting you run it.

I use the tightvnc client to connect to machines at the
office. I need running in order to work from home. When
I went to run it, the MS antispyware monitors told me it
was a threat that I chose to ignore and that was it. It
didn't run.

I had to shut down the monitor in order to run it.

 

[Bill Sanderson]

Hmm - I haven't had any trouble or notifications about actually running
it--but I don't have the server portion on this machine. I chose "ignore
always" in the dropdown when I saw it on scans.

I do have the server portion on some other machines--generally UltraVNC--and
I've seen no problems, but a couple of those are servers which haven't been
rebooted recently--might happen today, though, because of critical patches.

I agree-you should be able to run such a product without alerts once you've
told Microsoft Antispyware that you are chosing to do so--and that's how it
has worked for me--but I'll check out the other machines that have both
pieces running and see whether there are any problems I haven't seen here.

 

[Bill Sanderson]

(e-mail address removed) wrote on 10-Jan-2005 9:16 PM:

I think it is the job to remove all malware, whether or not you label it
as "spyware". So, I think it should remove trojans and keyloggers and warn
about remote control software, as well as removing adware and spyware.

The terminology thing is getting tougher. I've posted, perhaps foolishly,
in a thread lambasting Microsoft for removing Weatherbug from detection.
The gist seems to be that since Weatherbug displays ads, and perhaps ads
targetted geographically, it should be detected--certainly sounds like
something you might call "adware" doesn't it?

However, if it describes those activities clearly in the EULA, doesn't
collect PII, and has an uninstaller, I think it is legal--and we surely
don't expect this product to remove every piece of software that displays
ads, do we? (well--we might like, but....... : )

 

[Jens]

I agree that it should be flagged as potential spyware and
then afford the user the opportunity to decide whether
they wish to use it or not.

Reality says that the EULAs out on the street (including
Microsofts EULAs) are so incredibly difficult to read
because they were written by a bunch of lawyers. As a
result, most people do not read them.

If the product did not detect them and i was unaware that
the programs were there (regardless of whether the EULA
stated so or not) then I would be thoroughly miffed at
Microsoft.

VNC Client was rightfully flagged and should not be
removed. I have it installed on my machine and I chose
to "ignore" it and it worked fine.

Jens

 

[Bill Sanderson]

Out of curiosity--what did you think of the EULA for the Microsoft
Antispyware product? I can't say that I've studied it in depth, but it did
appear to me to have had some thought given to clarity of presentation and
readability.

 

[John]

A remote access client is used to "see" a remote computer, spying???? A
virus does not do that. So, IT IS the job of antiSPYware to tell me if
something could POSSIBLY be used to SPY on me.

Obviously.