Robert S. Huss rhuss "at"
Fri, 23 Oct 1998 15:39:42 +0000

In a classroom or computer lab you always have the risk of a new malicious
program being run.  We prevent this by using a software licensing program
that prevents anyone from running a program not in its database.

Bob Huss

At 09:05 AM 10/23/98 +0100, Nick Torkington wrote:
>We install VNC on classroom PCs so that it can be used as a teaching aid,
>broadcasting one screen to several students.  We stuff a standard password
>into each student's registry so that we can assist them remotely should they
>require help.
>Even when VNC is executed as a service, students can easily call up the
>properties dialog and then use Revelation to discover this password,
>allowing them to maliciously "take over" other students PCs.
>This has *actually* happened, despite some claims in this forum that it is
>not possible because VNC doesn't work in that way.
>I'd like to continue to use VNC as it has saved us a lot of time over the
>past few weeks, but until this security problem is addressed we're forced to
>withdraw it.
>Nick Torkington
>I.T. Support
>The Oldham College
>The VNC mailing list     -   see
Robert S. Huss, Ph.D.           Department of Chemical Engineering
Project Director                University of Massachusetts
Decision Making by Design       Amherst MA 01003
Curriculum Project              Phone: (413) 545-2819
rhuss "at"             Fax: (413) 545-1647

The VNC mailing list     -   see