Security Alert Shows Web Remote Access Weaknesses

Remote computer access users beware - several new vulnerabilities have been revealed in existing solutions. One solution, LogMeIn, was noted to have such vulnerabilities with the exploits to take advantage and control your PC without authorization. More info here: http://securethoughts.com/2009/06/multiple-vulnerabilities-in-logmein-web-interface-can-be-used-to-control-your-computer-and-steal-arbitary-files/

This announcement leads to a critical question in today's hyperconnected world: just how secure is the web? The answer, sadly, is "not very secure". With the rapid proliferation of web browsers (IE, Mozilla, Chrome, Opera, Safari, and so on), the arms-race style of releasing new version upgrades before the ink on the last version is even dry, and (relatively) new technologies like PHP, CSS, javascript, and so on, browsers are increasingly vulnerable to attack.

Factor in the ever-targeted SSL / CA infrastructure at the core of browser-based encryption and site authentication, and you've got fertile territory for malicious forces.

So what's the solution? Don't use browser-based interfaces unless you absolutely have to. "Real" desktop software is remarkably portable these days - on USBs directly or via U3 or VMWare Pocket Ace, or via download on broadband that's available anywhere you have cell coverage, or even installed directly on the disk of a lightweight UMPC. These solutions can provide additional security through 2-factor authentication. There's no need to risk your critical information on web-based access tools. If you need to have a more secure solution you might want to look for a GoToMyPC alternative or a LogMeIn alternative.