Conrad Sallian's community posts


Viewer LNG customizations

Conrad, Support (Posts: 3089)
Apr 21, 2017 6:54:56 am EDT
Hello Thomas,

Thank you for your message.

I'm sorry, but this is not how the Viewer is supposed to be used, and such capabilities are not advertised anywhere on the site or in our sales literature. We cannot provide assistance on undocumented capabilities like changing resource files or re-arranging controls or reverse-engineering of the software. Besides, any such use may violate our EULA.  

The program is provided as is and the only customization options are those available in Options/Settings for the corresponding modules and our MSI Configurator.

Hope that helps.

Annoying Message Part II (Fixed)

Conrad, Support (Posts: 3089)
Apr 20, 2017 7:27:16 pm EDT
Hello,

The issue has been fixed. New version is available here https://www.remoteutilities.com/download/ .

There are quite a few improvements to this version, we'll publish a blog post with the details very soon.

Thanks.

Annoying Message Part II (Fixed)

Conrad, Support (Posts: 3089)
Apr 18, 2017 5:56:18 am EDT
Hello Alim,

We will not delete the post. If we were afraid of having discussions on our site, we wouldn't have a forum in the first place. As you can see - everyone here can speak. Of course, if they follow our forum rules.  

As for the subject:

1.  This exploit only appears if you run a custom Host installer with the "Generate ID" function enabled AND if you click the "Tell me more" button.

2. This bug can only potentially be exploited by the remote user himself - to elevate their permissions. Yes, perhaps there might be other far less probably uses, but overall it has a very limited application/scope.

In this specific case marking your post as "BIG SECURITY ISSUE" could be misleading.  Someone who visits our forum may think that our software in general has a big security issue that applies to absolutely all cases, which is very far from the truth.

So instead of posting here on the forum you could just send us a ticket or an email, and this bug would have been fixed in a few days without anyone even knowing about it, which is good for security. Security issues are not something that should be immediately disclosed - it is advisable to contact the developers privately first, and see how they respond. And if they don't respond and refuse to deal with the issue it may be time to use public pressure. Unfortunately, you decided to use public pressure right from the start as if we were unresponsive or unwilling to fix issues.

We never said that we didn't like when our customers or users let us know about exploits in our software.  Quite the contrary, we can only be thankful for that and we encourage users to send us security bugs - the more the merrier. However, our concern is that making such information public BEFORE the bug is fixed is somewhat imprudent and can diminish security for existing users who use that specific feature. This is certainly not a proper way security bugs should be dealt with.

Thank you.

Annoying Message Part II (Fixed)

Conrad, Support (Posts: 3089)
Apr 18, 2017 5:06:16 am EDT
Hello, Alim,

This update is going to have other fixes and a reworked MSI Configurator. Today we'll be doing final testing before we provide it. So it's not this only bug that this update is going to fix.

Although the bug you mention is a security concern, it is not THAT major or urgent as you might imagine. If it is of so much extreme importance for you please restrain from distributing your Host installer for a while before we provide an update.

Sorry, we do not utilize a "piece of cake" approach. We need to make sure that the next update has been tested before we can make it public. Besides, publicly speaking about found exploits doesn't make your existing installations more secure, hope you understand.

FR: Linux, Mac - Host

Conrad, Support (Posts: 3089)
Apr 16, 2017 6:00:58 am EDT
Hello Marc,

If we have a beta we will make it public and let our users know about it. But we cannot share each and every step of the development process. Each company decides how much transparency it should provide and we don't believe that being that transparent necessarily speeds up the development process. We would rather spend this time and effort on the development itself.

Sorry, we didn't count how many customers we lost. That would be a useless exercise, given how much work to do we have ahead. We strive to fulfill as many promises as we can but it's not always possible to fulfill them all within a reasonable time frame.

mac viewer?

Conrad, Support (Posts: 3089)
Apr 16, 2017 5:44:42 am EDT
Hello Marc,

Thank you for your message.

We understand how important the Viewer for Mac can be for some users. The work on it is in progress now. Unfortunately, we couldn't provide it earlier simply because there were other priorities - features we needed to implement to increase our paid customer base. It's not that we don't want to or cannot implement all suggestions that we receive, it's only that we work on priorities because we must think about our bottom line. It's as simple as that.

Sorry for any inconvenience.

Annoying Message Part II (Fixed)

Conrad, Support (Posts: 3089)
Apr 14, 2017 6:21:58 am EDT
Hello Alim,

It is this Monday or Tuesday.

Annoying Message Part II (Fixed)

Conrad, Support (Posts: 3089)
Apr 14, 2017 5:50:48 am EDT
Hello Alim,

We will fix this problem with the very next update. Thank you for letting us know.

6.6.0.3 Taskbar disappears with loss of connection Full Screen view

Conrad, Support (Posts: 3089)
Apr 11, 2017 4:03:50 pm EDT
Hello Lee,

Thank you for the report. We will test it out and try to reproduce.

taskbar and start menu does not work, no keyboard function

Conrad, Support (Posts: 3089)
Apr 11, 2017 3:37:28 pm EDT
Hello Lee,

Thanks for the update. Yes, feel free to let us know if you need any help.

had no issues with the upgrade. I will over the next few days change the Internet IDs to the more secure 12 character ID.

This is up to you. You don't have to do that, actually, but if you think that you should - no problem.

Please, be careful when updating the Internet-ID through remote settings - it won't update. This was a protection mechanism but we'll most likely remove it 'cause it's no longer necessary.