Diordna
Active Member
I have lack of knowledge with this stuff, explain the benefits for SSL connections please?
Thanks
Thanks
PhoneMyPc- suggestions/comments/fix requests
- Thread starter solar
- Start date
SSL encrypts the information being sent between your devices so that they cannot be easily viewed by anyone who would want to do so. Without a secure connection anyone with the means and motvation could see exactly what you are streaming, so please don't be checking out your bank statements via PMPC until we get the update
More info on SSL: Transport Layer Security - Wikipedia, the free encyclopedia
More info on SSL: Transport Layer Security - Wikipedia, the free encyclopedia
Ohh I had themed the PhoneMyPC app for myself, and therefore didnt see there was an update... I'll have to check that out and see whats good.
As for SSL encription, yes I have been waiting since early this year for better security. PhoneMyPC, didn't you say a while ago you had achieved SSL but wanted to work on a few things before you send out the update? Why isn't SSL here yet. Love the product, just want it to be safer for users... (love your attention to customers tho, better than anyone else, thanks!)
As for SSL encription, yes I have been waiting since early this year for better security. PhoneMyPC, didn't you say a while ago you had achieved SSL but wanted to work on a few things before you send out the update? Why isn't SSL here yet. Love the product, just want it to be safer for users... (love your attention to customers tho, better than anyone else, thanks!)
SoftwareForMe.com
Member
How did we miss these new posts?
Yes, we had a few other things to do along with the addition of SSL: login support and other security features, coupled with a change to our server architecture, proper licensing and a lot more.
We started with SSL, and only removed it "temporarily" in between builds.
...a mistake we won't make again.
Very soon now!
Yes, we had a few other things to do along with the addition of SSL: login support and other security features, coupled with a change to our server architecture, proper licensing and a lot more.
We started with SSL, and only removed it "temporarily" in between builds.
...a mistake we won't make again.
Very soon now!
ShadowWulf
New Member
- Joined
- May 14, 2010
- Messages
- 16
- Reaction score
- 0
Yea its me, the gamer guy again.
Just though Id share a new demo video using phone my pc.
Same specs as before more or less but im clocked at 1.3GHz and running Bugless Beast v1.1
Same bad quality, sorry...
[video=youtube;Au4hX9MpEV4]http://www.youtube.com/watch?v=Au4hX9MpEV4]YouTube - EvE Online, played on a DROID phone[/video]
20+ fps in station, about the same outside station. NOTE: The client side is STILL running at 1680x1050 with 32b color depth and 8 bit alpha!
Not shabby...
Just though Id share a new demo video using phone my pc.
Same specs as before more or less but im clocked at 1.3GHz and running Bugless Beast v1.1
Same bad quality, sorry...
[video=youtube;Au4hX9MpEV4]http://www.youtube.com/watch?v=Au4hX9MpEV4]YouTube - EvE Online, played on a DROID phone[/video]
20+ fps in station, about the same outside station. NOTE: The client side is STILL running at 1680x1050 with 32b color depth and 8 bit alpha!
Not shabby...
Diordna
Active Member
SSL encrypts the information being sent between your devices so that they cannot be easily viewed by anyone who would want to do so. Without a secure connection anyone with the means and motvation could see exactly what you are streaming, so please don't be checking out your bank statements via PMPC until we get the update
More info on SSL: Transport Layer Security - Wikipedia, the free encyclopedia
Thanks!
So it's just protection. I don't do anything unprotected (phone wise xD) anyways with this app so not a biggie for me.
But when sound comes, I know there is a jesus still walking around, and it's in my phone.
(or would it be satan?? Who cares! It's awesome!)
SSL encrypts the information being sent between your devices so that they cannot be easily viewed by anyone who would want to do so. Without a secure connection anyone with the means and motvation could see exactly what you are streaming, so please don't be checking out your bank statements via PMPC until we get the update
More info on SSL: Transport Layer Security - Wikipedia, the free encyclopedia
Thanks!
So it's just protection. I don't do anything unprotected (phone wise xD) anyways with this app so not a biggie for me.
But when sound comes, I know there is a jesus still walking around, and it's in my phone.
(or would it be satan?? Who cares! It's awesome!)
My fear is not 'doing' stuff on my droid thru PhoneMyPC, its the thought that PhoneMyPC opens a port to your computer, meaning if someone really wanted to get into your computer they could with some skill. With SSL security it would make it harder for someone to access your computer. So my fear doesnt lie in the phone, it lies in someone having access to my computer and watching stuff, taking info, or possibly even controlling processes. Thats the issue here and why I dont use it too much right now. It's going to be an amazing app!
PhoneMyPC said a big update is coming soon. I hope! Yey!
SoftwareForMe.com
Member
Hi,
The term "opening a port" has gotten a lot of bad press in recent years. All this really means is:
1) Some piece of software is "listening" for connections on some TCP port number
2) You [possibly] open your firewall to allow those connections to reach your PC
You do not have to do #2, if you do not want, in which case the fact that PhoneMyPC is listening doesn't matter at all. You can use PhoneMyPC without the direct-connect port.
But, the security risk comes in the software that listens on that port. It used to be the case that, for example, Microsoft IIS started an FTP server on port 21. This meant that anybody savvy to this fact could connect to your FTP server and possibly use an anonymous account to access (or upload) files, or even attempt to hack a real account.
This is where firewalls come in. If you have a firewall and configure it to allow "nothing" to reach your PC, then it doesn't matter what programs on your PC are listening for because they'll never receive a connection.
In this regard, PhoneMyPC is pretty safe. Once the software receives a connection, it sits in "sand-box" mode waiting for a proper authentication sequence, and it is a very good authentication method. If it does not receive the proper sequence, or if it receives even one byte that isn't correct, it drops the connection and goes back to listening.
What this means is that if you have the direct-connect port open in your firewall, anybody could write software that would connect a socket to your computer. But, once connected, they can neither send nor receive data, except for the proper and expected authentication sequence. That is only possible if the program knows two things:
1) The proper protocol to use (this could be learned by watching your network traffic and reverse engineering it)
2) Your user name and password (this can NOT be learned by watching your network traffic)
On the update front, here is a quick status update:
* SSL -- working
* Login -- working
* Unlock -- working
* Auto-Update (for the PC) -- working
There is just one little glitch left to hammer out: occasionally, when you log-in, the portion of code that gathers screen data is running in the wrong desktop and cannot access that data. This won't take long to fix--perhaps even today.
By the way: did you know there are literally hundreds of permutations of 'ways a login can occur?' I think we've got them all down now
The term "opening a port" has gotten a lot of bad press in recent years. All this really means is:
1) Some piece of software is "listening" for connections on some TCP port number
2) You [possibly] open your firewall to allow those connections to reach your PC
You do not have to do #2, if you do not want, in which case the fact that PhoneMyPC is listening doesn't matter at all. You can use PhoneMyPC without the direct-connect port.
But, the security risk comes in the software that listens on that port. It used to be the case that, for example, Microsoft IIS started an FTP server on port 21. This meant that anybody savvy to this fact could connect to your FTP server and possibly use an anonymous account to access (or upload) files, or even attempt to hack a real account.
This is where firewalls come in. If you have a firewall and configure it to allow "nothing" to reach your PC, then it doesn't matter what programs on your PC are listening for because they'll never receive a connection.
In this regard, PhoneMyPC is pretty safe. Once the software receives a connection, it sits in "sand-box" mode waiting for a proper authentication sequence, and it is a very good authentication method. If it does not receive the proper sequence, or if it receives even one byte that isn't correct, it drops the connection and goes back to listening.
What this means is that if you have the direct-connect port open in your firewall, anybody could write software that would connect a socket to your computer. But, once connected, they can neither send nor receive data, except for the proper and expected authentication sequence. That is only possible if the program knows two things:
1) The proper protocol to use (this could be learned by watching your network traffic and reverse engineering it)
2) Your user name and password (this can NOT be learned by watching your network traffic)
On the update front, here is a quick status update:
* SSL -- working
* Login -- working
* Unlock -- working
* Auto-Update (for the PC) -- working
There is just one little glitch left to hammer out: occasionally, when you log-in, the portion of code that gathers screen data is running in the wrong desktop and cannot access that data. This won't take long to fix--perhaps even today.
By the way: did you know there are literally hundreds of permutations of 'ways a login can occur?' I think we've got them all down now
Steveindajeep
Member
Why am I not surprised that update never came?
Yea I was told personally that it would be out most likley on Tuesday, but I was told that about 3 weeks ago... For the money I paid months ago, I just want some SSL security and a little update, all I ask... Plus a phone application shouldn't be in Beta for months and months.... uhhg.
Usually I am a patient calm guy..
Usually I am a patient calm guy..
SoftwareForMe.com
Member
Hi,
I'm pleased to report that we released an update a few hours ago. We spent 100% of our time on software testing and bug fixing, so our website has not been updated to match the new release yet (except for the software download), but that will come in the next couple of days. NOTE: You must uninstall the old version before you install the new one.
This is a brand new release with a lot of changes, and it is likely to have some issues, so please be patient and email us with your observations and finds. Here is a short list of the changes:
* Full login support
* Ability to lock the PC (via CTRL+ALT+DEL, or automatically when you disconnect)
* Ability to unlock the PC
* Full support for UAC--you can see the UAC prompts remotely and respond to them (you can even see your screen saver running!)
* Secure TLS when communicating with our servers
* SSL encryption when connected directly to your PC
* Click-lock in "Full Cursor Mode" via tapping the cursor (easy dragging)
* Ability to password protect the PC settings window
* Application Password removed, replaced with requirement to enter the "one" password
* Webcam view (Alpha) for direct-connected PCs
* Retry/Ignore/Cancel option when the network is flaky
* More servers added
* Countless bug fixes (such as the cursor auto-hide after using the Trackball)
* Improved reliability (worst cases require an exit and re-run of the phone app)
* PC auto-update mechanism
* Licensing scheme (coded, but not enforced yet; we will email all customers keys when it's time)
* More...
We have much work yet to do--bug fixes, sound, other features--and we're now staging our work so we'll never go "months" between updates again.
Cheers!
I'm pleased to report that we released an update a few hours ago. We spent 100% of our time on software testing and bug fixing, so our website has not been updated to match the new release yet (except for the software download), but that will come in the next couple of days. NOTE: You must uninstall the old version before you install the new one.
This is a brand new release with a lot of changes, and it is likely to have some issues, so please be patient and email us with your observations and finds. Here is a short list of the changes:
* Full login support
* Ability to lock the PC (via CTRL+ALT+DEL, or automatically when you disconnect)
* Ability to unlock the PC
* Full support for UAC--you can see the UAC prompts remotely and respond to them (you can even see your screen saver running!)
* Secure TLS when communicating with our servers
* SSL encryption when connected directly to your PC
* Click-lock in "Full Cursor Mode" via tapping the cursor (easy dragging)
* Ability to password protect the PC settings window
* Application Password removed, replaced with requirement to enter the "one" password
* Webcam view (Alpha) for direct-connected PCs
* Retry/Ignore/Cancel option when the network is flaky
* More servers added
* Countless bug fixes (such as the cursor auto-hide after using the Trackball)
* Improved reliability (worst cases require an exit and re-run of the phone app)
* PC auto-update mechanism
* Licensing scheme (coded, but not enforced yet; we will email all customers keys when it's time)
* More...
We have much work yet to do--bug fixes, sound, other features--and we're now staging our work so we'll never go "months" between updates again.
Cheers!
Cant wait to try this out tonight.
bennyj
Member
Hopefully by tonight they will have it fixed! I just downloaded the new software for my phone and Pc, and now it will not connect to their servers.