Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Sunday April 30 2017, @01:22PM   Printer-friendly
from the Ask-Soylent dept.

Recently, someone in my family was not able to get into their home PC with their password, and called for assistance. This means having to drive down to the machine to see what they are doing, and log in with the appropriate account that can reset that password. Work commitments preclude driving there right away to see what is happening, and I am trying to locate a remote access solution. If they were logged into the machine, I could use some sort of remote assistance tool, but that is not an option in this case. There is the possibility of setting up SSH or OpenVPN to access the machine via the Internet, but I am not certain leaving those tools running all the time is the smartest idea in this day and age.

What recommendations do the Soylent community have for securely managing a machine over the Internet when someone is not logged into it?


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 3, Funny) by Anonymous Coward on Sunday April 30 2017, @01:28PM (6 children)

    by Anonymous Coward on Sunday April 30 2017, @01:28PM (#501841)

    "How do you Remotely Manage the Family's Computers?"

    I don't. I just let the NSA do it for me.

    • (Score: 4, Informative) by The Mighty Buzzard on Sunday April 30 2017, @01:51PM (2 children)

      Me either. I tell them I haven't run Windows except for games in twenty years though.

      --
      My rights don't end where your fear begins.
      • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @01:54PM

        by Anonymous Coward on Sunday April 30 2017, @01:54PM (#501848)

        Or tell them that you'll fix the issues when you're in the neighbourhood again... or get support by someone else (most of the times they get it fixed before I'm visiting them again, or it is not so urgent any more).

      • (Score: 0) by Anonymous Coward on Monday May 01 2017, @01:27AM

        by Anonymous Coward on Monday May 01 2017, @01:27AM (#502083)

        With recent hardware failures and other events the whole family has switched to windows 10. I run debian. I used to provide tech support. Used to. Now I respond to any request for support with "windows 10? Yes. That is probably the problem".

        They can't understand why I won't or can't support 10 when I supported 7.
        My response? Yes. Exactly. You don't understand. One day you might. And on that day I will be here.

        If they want to run that privacy destroying auto rebooting crap on their machine then fine. Just don't involve me

    • (Score: 1, Funny) by Anonymous Coward on Sunday April 30 2017, @02:53PM (1 child)

      by Anonymous Coward on Sunday April 30 2017, @02:53PM (#501864)

      Why not just wait 5 minutes until the "Windows Technical Support" people from India call again and let them take a wack at it?

      • (Score: 2, Funny) by Anonymous Coward on Sunday April 30 2017, @04:03PM

        by Anonymous Coward on Sunday April 30 2017, @04:03PM (#501887)

        Because they really do work for Micro$oft.

    • (Score: 3, Funny) by driverless on Monday May 01 2017, @03:19AM

      by driverless (4770) on Monday May 01 2017, @03:19AM (#502112)

      I outsource it to some guys in Russia. They actually do it for free in return for me letting them send some email from my machines, and run a site for fishing enthusiasts or something like that.

  • (Score: 3, Funny) by SDRefugee on Sunday April 30 2017, @01:29PM (11 children)

    by SDRefugee (4477) on Sunday April 30 2017, @01:29PM (#501842)

    Teamviewer.... That's what I use...

    --
    America should be proud of Edward Snowden, the hero, whether they know it or not..
    • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @01:41PM (7 children)

      by Anonymous Coward on Sunday April 30 2017, @01:41PM (#501845)

      Teamviewer 12 is getting spammy with the popup ads, in addition to its little annoyances such as hiding the user's desktop wallpaper for the duration of the session. I'm evaluating Remote Admin Tools for both use with friends/family and also as a business offering, and my interest dropped precipitously in regards to paying Teamviewer $700-cum-$850 for a license to serve my customers popup ads via an app I had them install.

      I'm definitely interested in checking out the alternatives I hope others recommend here.

      • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @02:12PM (6 children)

        by Anonymous Coward on Sunday April 30 2017, @02:12PM (#501856)

        If you are using it for commercial use, you should pay up.

        Freeloader.

        • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @03:10PM (2 children)

          by Anonymous Coward on Sunday April 30 2017, @03:10PM (#501867)

          If you are using it for commercial use, you should pay up.

          Your assumption is incorrect. My evaluation is totally covered under their personal use provisions. What I see during the evaluation is quite unsettling and unbecoming for a "professional" product, thus my interest in other tools.

          • (Score: -1, Troll) by Anonymous Coward on Sunday April 30 2017, @03:16PM (1 child)

            by Anonymous Coward on Sunday April 30 2017, @03:16PM (#501869)

            So you are actually saying that you are a fucking moron as well as being cheap. I get it.

            Perhaps your 'customers' should look elsewhere for quality support.

            • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @03:34PM

              by Anonymous Coward on Sunday April 30 2017, @03:34PM (#501874)

              Look at the title of the post. Read the post. Do you see anything about supporting clients or customers? No. It is about supporting family members. It is you that is the moron.

        • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @06:22PM (1 child)

          by Anonymous Coward on Sunday April 30 2017, @06:22PM (#501938)

          If you are using it for commercial use, you should pay up.

          Freeloader.

          Yup, time to start charging! Pimp your family, I always say! What is the point of having relatives, if you can't profit off of them? It's the Betsy DeVos "school" of though!

          • (Score: 2) by Thexalon on Monday May 01 2017, @11:14AM

            by Thexalon (636) on Monday May 01 2017, @11:14AM (#502219)

            Ferengi Rule of Acquisition #111 clearly states: "Treat people in your debt like family... exploit them."

            --
            The only thing that stops a bad guy with a compiler is a good guy with a compiler.
        • (Score: 2) by SDRefugee on Sunday April 30 2017, @07:51PM

          by SDRefugee (4477) on Sunday April 30 2017, @07:51PM (#501971)

          Dunno WHY I'm replying to an AC, but anyway, I use Teamviewer to support my FAMILY... Which is DEFINATELY NOT a commercial enterprise.. Unless you and Teamviewer consider cookies or a fruitcake once a year as "commercial".....

          --
          America should be proud of Edward Snowden, the hero, whether they know it or not..
    • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @01:54PM (1 child)

      by Anonymous Coward on Sunday April 30 2017, @01:54PM (#501849)

      slaveware for remote access? yeah right.

      • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @04:56PM

        by Anonymous Coward on Sunday April 30 2017, @04:56PM (#501909)

        Closed source and proprietary are two huge strikes against Teamviewer, I agree. For Windows users, it's three primary draws are its generally good behavior (sans new popup ads), it's ease and cleanliness of installation (allowing for manual tweaking to keep it from always running), and it's third-party server relaying to overcome all manner of unexplored network shennanigans one might see in a home or non-profit environment.

        A VPN to an open-source VNC server under my own control really should be the approach I look at next.

    • (Score: 2) by Popeidol on Monday May 01 2017, @01:11PM

      by Popeidol (35) on Monday May 01 2017, @01:11PM (#502248) Journal

      This. It's cross platform, free for personal use, handles all kinds of dodgy or badly designed networks, and doesn't require a full install for people you're supporting - just get them to grab and run the quicksupport exe.

      I previously used a reverse VNC client for the same thing. Teamviewer requires less maintenance and works better in a wider variety of scenarios. For ad-hoc support of family and friends I haven't found anything better.

  • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @01:52PM (5 children)

    by Anonymous Coward on Sunday April 30 2017, @01:52PM (#501847)

    What's wrong with SSH? Just don't allow root to log in (or even change the default port if you really want to, but that's just security through obscurity), use a normal account to login and su(do) to do the root things you need to do.

    • (Score: 2) by JoeMerchant on Sunday April 30 2017, @04:32PM (4 children)

      by JoeMerchant (3937) on Sunday April 30 2017, @04:32PM (#501899)

      SSH is limited and difficult to use.

      VNC FTW.

      --
      🌻🌻 [google.com]
      • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @04:58PM

        by Anonymous Coward on Sunday April 30 2017, @04:58PM (#501911)

        if ssh is too complex for you, then you shouldn't be "helping" your family.

      • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @05:54PM (2 children)

        by Anonymous Coward on Sunday April 30 2017, @05:54PM (#501928)

        VNC is limited in speed and difficult to use.
        X2Go FTW.

        FTFY.

        (As long as we're talking about remoting in into a Linux box.)

        • (Score: 2) by kaszz on Sunday April 30 2017, @06:18PM (1 child)

          by kaszz (4211) on Sunday April 30 2017, @06:18PM (#501937) Journal

          Does that mean that IRIX is out of the question? :p

          Btw, there's some rdp2x etc utilities too I think for those Microsoft boxes.

          • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @11:34PM

            by Anonymous Coward on Sunday April 30 2017, @11:34PM (#502045)

            Does that mean that IRIX is out of the question? :p

            Yes, it does, as there is no native X2Go server for IRIX. Of course, you could place a Linux box with an X2Go server on the same LAN as the IRIX box, then connect X2GoClient ----------X2Go via SSH------> X2GoServer on Linux ----plain X forwarding----->IRIX and accelerate plain X from IRIX that way.

            X2GoClients are available for Linux (ARM, x86/x64), Windows (x86/x64) and macOS.

            Btw, there's some rdp2x etc utilities too I think for those Microsoft boxes.

            Not sure why you'd want to use those. RDP doesn't allow for remote support of a Windows machine; It "steals" the desktop from the user, rather than sharing it. You're probably thinking of Microsoft Remote Assistance - however, there are no Linux clients that support those connects.

  • (Score: 1, Insightful) by Anonymous Coward on Sunday April 30 2017, @01:56PM (14 children)

    by Anonymous Coward on Sunday April 30 2017, @01:56PM (#501850)

    ssh is fine if you set it up properly, assuming they are running linox. (if they are running windows they get no support. that would not be helping them. that would be enabling.) 4096+ keys, non default port, not root access, etc.

    • (Score: 0, Disagree) by Anonymous Coward on Sunday April 30 2017, @02:06PM (7 children)

      by Anonymous Coward on Sunday April 30 2017, @02:06PM (#501855)

      You do realize that you can run SSHd on windows too? Powershell once you get there, or worst case port tunneling for RDP or regular GUI management tools.

      • (Score: 3, Insightful) by Grishnakh on Sunday April 30 2017, @02:36PM (6 children)

        by Grishnakh (2831) on Sunday April 30 2017, @02:36PM (#501859)

        That would require learning Powershell. Why would I want to waste my time doing that? And how would I learn that anyway, since I don't have a Windows box to practice on, and would rather do almost anything than use Windows in my spare time?

        If they're using Windows, they can go to the Microsoft Store or Geek Squad and get some help there.

        • (Score: -1, Flamebait) by Anonymous Coward on Sunday April 30 2017, @03:19PM (3 children)

          by Anonymous Coward on Sunday April 30 2017, @03:19PM (#501871)

          sounds like you are the prick of the family, and dont i expect they would be asking for help from you anyway.

          • (Score: 3, Insightful) by Grishnakh on Sunday April 30 2017, @06:11PM (1 child)

            by Grishnakh (2831) on Sunday April 30 2017, @06:11PM (#501935)

            Well they don't ask me for help fixing their HVAC, since I'm not an HVAC repair tech, and they don't ask me for help in their gardens, since I know nothing about gardening, and they don't ask me for help with their medical ailments, because I'm not a medical doctor. So why exactly should they expect me to be able to help them with Windows?

            • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @06:25PM

              by Anonymous Coward on Sunday April 30 2017, @06:25PM (#501940)

              So why exactly should they expect me to be able to help them with Windows?

              Lemme guess . . . because, . . . they are the pricks of the family?

          • (Score: 1, Offtopic) by SDRefugee on Sunday April 30 2017, @07:56PM

            by SDRefugee (4477) on Sunday April 30 2017, @07:56PM (#501972)

            Seems like its the same here as over on /. .... All the asshole trolls post as AC.. Guess they either don't have an account or more likely are afraid of making trollish comments with their identity revealed for all to see...

            --
            America should be proud of Edward Snowden, the hero, whether they know it or not..
        • (Score: 2) by NotSanguine on Sunday April 30 2017, @07:50PM

          That would require learning Powershell. Why would I want to waste my time doing that? And how would I learn that anyway, since I don't have a Windows box to practice on, and would rather do almost anything than use Windows in my spare time?

          Actually, you can run PowerShell everywhere [github.com]!

          Now get going and clear that gay porn adware off of Aunt Lizzie's Windows 10 box!

          [Not sure which is ickier, gay porn adware or Powershell on Linux]

          --
          No, no, you're not thinking; you're just being logical. --Niels Bohr
        • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @09:31PM

          by Anonymous Coward on Sunday April 30 2017, @09:31PM (#502010)

          isnt powershell open source now? its possible in the future you might see it come to linux

    • (Score: 2) by VLM on Sunday April 30 2017, @03:44PM (5 children)

      by VLM (445) Subscriber Badge on Sunday April 30 2017, @03:44PM (#501879)

      assuming they are running linox

      My kids share a raspbian which is debian linux for a raspberry pi, as a desktop, for those times when the on screen keyboard of their school issued and admined ipads doesn't cut it, or they just want a bigger screen to work on stuff. It doesn't get a huge amount of use, but it gets some use.

      Every couple years I stick a newer faster pi in (sometimes needing new case) and a newly burned flash.

      That's really all the support I need to do.

      The only problem they ever have is when they plug in a USB headset there's only about 1/3 chance the audio out will work, because it will seemingly randomly output the earphone/speaker jack, the HDMI-audio, or the USB headset.

      • (Score: 2) by JoeMerchant on Sunday April 30 2017, @04:34PM

        by JoeMerchant (3937) on Sunday April 30 2017, @04:34PM (#501901)

        Linux audio - frustrating users for 30 years and counting.

        Why must you hear Biff Bark?

        --
        🌻🌻 [google.com]
      • (Score: 2) by kaszz on Sunday April 30 2017, @05:59PM (3 children)

        by kaszz (4211) on Sunday April 30 2017, @05:59PM (#501932) Journal

        Maybe there's a sysctl to set the default sound device?
        sysctl -a | grep ..

        • (Score: 2) by VLM on Monday May 01 2017, @12:22PM (2 children)

          by VLM (445) Subscriber Badge on Monday May 01 2017, @12:22PM (#502235)

          Its a UI thing invariably what the kids think should work is not the default or the last used or whatever it ends up doing.

          An interesting failure mode is "most" HDMI monitors don't have speakers but "most" HDMI televisions do have speakers, and there's a bug in the HDMI spec where you can output audio to the HDMI port even if the device its connected to has no audio hardware... They can implement all this idiotic DRM stuff but not simple audio UI...

          Its kind of like if you have a TV without four HDMI inputs you'll get endless complaining about not having enough inputs or not having a switch at all, and if you have four inputs you'll get the same amount of complaining about its impossible UI. I solved this familial problem with my TV using a physical HDMI switchbox with little indicator LEDs. Probably the "correct" way to fix desktop sound is to eliminate all sound output hardware except one digital output and if people want multiple inputs or multiple outputs and are not functioning at the virtualization level inside their heads, then they get external switch box or literally swap cables. Its a hardware design failure to give people hardware they can't mentally handle.

          • (Score: 2) by kaszz on Monday May 01 2017, @06:30PM (1 child)

            by kaszz (4211) on Monday May 01 2017, @06:30PM (#502436) Journal

            HDMI protocol nor EDID have no provision for "Do you have audio output?" ..? if it's missing it's a really crappy protocol.

            Sometimes you just have to realize however that some people are of a bad design and can't handle a lot of things that require thinking. I will however admit that audio/video output setups can be messy.

            Like if you have two USB sound outputs and one digital amplifier. If you switch USB ports then the computers will loose default output setting. And you also need to control the switch through some non-standard driver that has no OS support anyway. If you switch the digital sound after the USB soundcard it may make the digital amplifier loose sync and still needs some non-standard controlling.

            And the standard issue that most audio/video equipment lack a good automated control input. So it's all got to be some IR diode with MCU cludge with Ethernet.

            • (Score: 2) by VLM on Monday May 01 2017, @06:55PM

              by VLM (445) Subscriber Badge on Monday May 01 2017, @06:55PM (#502453)

              HDMI protocol nor EDID have no provision for "Do you have audio output?" ..? if it's missing it's a really crappy protocol.

              Well there is the issue of bugs and I can assure you that a pi3 with a rando no name chinese LCD monitor from a couple years back is thrilled to try and send HDMI audio to the monitor.

              It is also possible the hardware is fine and compatible and the protocol is perfect but the budget monitor simply terminated the audio out into empty space. No amp, no speakers, same chip and everything plus an extra $5 would have gotten a monitor with HDMI speakers... Maybe.

              And the standard issue that most audio/video equipment lack a good automated control input. So it's all got to be some IR diode with MCU cludge with Ethernet.

              Its surprising how bad that works. There's a cottage industry around trying to get that to work for mythtv people to connect a cable box (or satellite) to their system and I got everything working except reliable channel selection, just couldn't get it to work. Not much worth watching on TV anyway.

  • (Score: 1, Interesting) by Anonymous Coward on Sunday April 30 2017, @02:03PM

    by Anonymous Coward on Sunday April 30 2017, @02:03PM (#501854)

    Why are you not giving them terminals that connect back to your house instead? Except for the gamers in your family, a full PC is overkill.

    Boot off a write protected flash, problem solved.

  • (Score: 5, Informative) by Anonymous Coward on Sunday April 30 2017, @02:18PM (1 child)

    by Anonymous Coward on Sunday April 30 2017, @02:18PM (#501858)

    For someone I regularly help i.e. parents, then I have OpenVPN running permanently on a standalone linux box on the same LAN. You could also get away with a Pi or similar instead if you're concerned about power and footprint. It connects _out_ from their network to a server I control, so it doesn't directly expose their network to the Internet. Then iptables can be configured with NAT and Masquerade targets as appropriate on both ends of the VPN tunnel so less need to think about configuring networking and routing, if that's not your forte.

    This gives me access to their their LAN. From there I have TightVNC running in service mode on their Windows machines, restricted to accepting connections from certain private IPs only. Service mode TightVNC allows full desktop access even if no-one's logged in to the machine. If your target machine is Linux or MacOS instead of Windows, well you can access SSH over the VPN tunnel instead, it's still not exposed to the Internet so is fine.

    • (Score: 3, Interesting) by opinionated_science on Sunday April 30 2017, @04:31PM

      by opinionated_science (4031) on Sunday April 30 2017, @04:31PM (#501898)

      I have used something similar. One pro-tip I would give, is get a UPS for both machines (yours , the modem, network etc and the pi - and their PC).

      Dirty power/lightning can mess with delicate electronics...

  • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @02:39PM (11 children)

    by Anonymous Coward on Sunday April 30 2017, @02:39PM (#501860)

    Sometimes a telephone call will suffice. I would think that it ought to for the example in the summary. About that, it seems odd that someone wouldn't have the password to administer his/her own computer. Perhaps it's a child?

    • (Score: 4, Informative) by AthanasiusKircher on Sunday April 30 2017, @03:38PM (10 children)

      by AthanasiusKircher (5291) on Sunday April 30 2017, @03:38PM (#501875) Journal

      Sometimes a telephone call will suffice. I would think that it ought to for the example in the summary. About that, it seems odd that someone wouldn't have the password to administer his/her own computer.

      You obviously haven't spent a lot of time working with older people who still don't understand computer basics. For some older members of my family (in their 70s), I've actually had to go three levels through a chain of password recoveries until I finally got access.

      (The whole story: I was trying to set up an Echo Dot which one of them had encountered at a friend's house and thought was cool, so he bought one. I advised against it, but anyhow... I needed to install the Alexa app on something, because Amazon obviously couldn't allow you to setup their device without another device. So, they hand me an iPad.. 2, which hadn't had its OS updated in years. Obviously the Amazon Alexa app wouldn't install without a system upgrade, but the tablet was too full of photos and other nonsense to even download an OS upgrade. So, they have another tablet -- an Acer. I need access to the Google account they had linked it with to get into Google Play. They can't remember the password. I try password recovery, which sends me to a different email address of theirs at Yahoo. They can't remember the password there either. I try password recovery there, and it sends me to yet another Yahoo account for recovery. They can't remember that password either. Luckily, that third account contained another -- younger -- family member's email address as a recovery address, so I call her up and send her the recovery code, which she then gives to me and allows me to go through and recover THREE email accounts to get to what I needed to. Ultimately, stupidly, I realized too late that the Android version on this tablet was too old to download the Alexa app too, and of course most manufacturers don't do system updates on tablets beyond a year or two these days. What a waste of a couple hours of my life. Now, you may say, "How could they not know so many of their own passwords??" Because modern devices tend to save passwords forever... so they just entered these things years ago ONCE for their devices, and they haven't needed them since. And yes, this whole thing was a security disaster waiting to happen with outdated devices... but by this point I was too frustrated to do anything more than give them a stern lecture to write down the new passwords I had just given them and just buy some new devices.)

      These are the same people who simply can't figure out how they turn Airplane Mode on their tablets all the time, leading the "internet to stop working." Despite owning these tablets for several years, they didn't even know what airplane mode was until I recently explained it to them. Trying to troubleshoot anything with them over the phone is an exercise in futility.

      Perhaps it's a child?

      Any child over the age or 3 or so likely has better intuition about how to deal with computers and other modern tech than a 70+ year old family member. Unless they used computers in their jobs before they retired -- and a lot of blue-collar workers didn't start using them frequently until the past decade or so -- they may have absolutely no clue how to interact with modern tech. Modern tablet/phone OSes (which are supposedly meant to be "simpler") are the worst, because they are non-discoverable and depend on knowing where/how to swipe to do a lot of stuff, with no instruction manual included.

      Older people tend to know how to read Facebook, order from Amazon, maybe find the obituary page in their local newspaper through the browser on their tablet, and whatever stupid puzzle game app or whatever they like to play. That's about it. Figuring out how to turn on the camera reliably when trying to Skype is "advanced" for them.

      • (Score: 1, Informative) by Anonymous Coward on Sunday April 30 2017, @05:01PM

        by Anonymous Coward on Sunday April 30 2017, @05:01PM (#501912)

        To add to this and distill the primary problem with providing phone support: it's very slow. A competent admin with remote access can generally fix problems much faster than trying to guide an inexperienced user through the same process by voice.

      • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @06:00PM

        by Anonymous Coward on Sunday April 30 2017, @06:00PM (#501933)

        I think you done been trolled.

        That, or his intellectual exceptionalism has resulted in no family members calling for help due to his being unable to properly communicate in any language that they understand, but they all seem to leave him alone since he *is* able to communicate he can't help them because his fancy words are indistinguishable from magic.

        Anyway, no good deed goes unpunished. If you set up a support system, you will be expected to use it. If you have time for that, then that is great.

        I told my family to get tablets after their XP and Vista machines conked out. One of them thought it strange because I "work in computers" and bought one that came with windows 10 on it. They asked for help and I was ineffectual and they believed me when I said I wouldn't even use this if you gave it to me for free!

        They got some of the computer club people in the retirement community to make faces at it because they avoided win10 as well, and ultimately someone got them downgraded via some method I didn't ask about, and they ALSO bought a tablet... they didnt want to go through this again with a laptop...

        but yeah. this question was probably relevant to me 10 years ago, but I guess the question is aimed at 20 somethings that are now the grown up kids that are so smart they will of course help everyone with their computers. 10 or 15 years from now, no matter what the OP is using as a primary 'workstation' OS, he will have a younger relative filling this niche, asking how to remotely control smartphones easily without the use of a digital app locker or something.

      • (Score: 4, Informative) by Appalbarry on Sunday April 30 2017, @07:07PM (6 children)

        by Appalbarry (66) on Sunday April 30 2017, @07:07PM (#501953) Journal

        Any child over the age or 3 or so likely has better intuition about how to deal with computers and other modern tech than a 70+ year old family member.

        Um, which 70 year olds are those? I'm well past sixty, and have worked my way through programming on punch cards, C-64, many versions of Windows, an Apple, and Linux, along with a couple of dedicated word processors.

        I know at least a few people over seventy who have a programming background, plus a lot of time spent doing graphic design and computer music composition on various machines.

        In fact, with the single exception of my 89 year old mother I don't know a single person over the age of 65 who doesn't have smart phones, computers, or tablets, and usually all three.

        We are the generation that invented, and grew up with personal computers. It's absurd to suggest that we are any less capable of using technology than you are.

        In other words, you can't complain about old people not understanding tech, and then also complain that they've taken over Facebook and Twitter. The problem is aptitude or training, not age.

        • (Score: 1, Insightful) by Anonymous Coward on Sunday April 30 2017, @07:37PM

          by Anonymous Coward on Sunday April 30 2017, @07:37PM (#501960)

          The 'tech savvy generation' is a complete myth. Most people can do little more than access their Facebook accounts (and they are suckers for having such a thing anyway) and use the same software they are already familiar with (typically proprietary Microsoft garbage); that's not even remotely tech savvy.

        • (Score: 4, Insightful) by hemocyanin on Sunday April 30 2017, @08:31PM (1 child)

          by hemocyanin (186) on Sunday April 30 2017, @08:31PM (#501983) Journal

          It depends on who you flock with. In my work I run into lots of people not in technological field and the older they are, the more mystifying the tech is. By the same token, I've hired plenty of millennials to do receptionist type work and I'm always disappointed at their computer skills. Yes they can use Facebook fine, but I really feel like I shouldn't have to explain that cmd-c is "copy" and cmd-p is "paste" -- this isn't esoteric knowledge.

          Secondly, you're a programmer and know other programmers. The way most people see technology is as a magic black box and if it doesn't work like they expect, they won't even make a methodical attempt to understand it. Certainly as a programmer, you've looked at the way a program fails to understand how to fix it, probably even tried to make it fail. When you experience glitches in a program you didn't write, you can methodically attack the program to see exactly what makes it fail to come up with a work-around. You get that there is a logical interaction between what you do and how the program was written. Most people don't -- it is simply magic to them which works until it doesn't, and once something is outside the rote learning they used to get to whatever skills they have, they quit.

          So anyway, you may be a geezer (and I'm right behind you), but your technical skill level is not the norm, your understanding that tech is not black magic is not the norm, and your faith that people will care enough to learn it is not the norm.

          • (Score: 2) by gidds on Tuesday May 02 2017, @12:53PM

            by gidds (589) on Tuesday May 02 2017, @12:53PM (#502773)

            Exactly!  As you say: people treat technology as magic; they don't want to understand it, they just want to remember the specific sequence of actions to achieve a particular goal, and treat everything else as ‘Here Be Dragons’.

            And I think it's less about details than about the whole mindset.  For example, I had a family member who simply couldn't get his head round softkeys.

            This wasn't on a computer, nor even a smartphone, but back on what we'd now call a ‘feature phone’ (i.e. a dumb mobile) — and a simple one at that.  It had just one softkey (a button below the screen that could do different things, with its current meaning shown on screen next to it).  He wasn't a stupid guy, but he just couldn't grasp the idea that you needed to look at the screen to see what the button did.  He expected to remember a sequence of keypresses to do what he wanted, and it frustrated him no end that pressing the same keys in the same order could have different results.

            Actually, I think that mindset is much wider.  People ask me “How do I do X?”, and (because I'm often not familiar with the device or software in question) I have to say, “I don't know. But let's take a look…”  And I can often do it, not because I know what buttons to press, but because I look at the screen and try to see what it's telling me.

            It seems that many people just don't look.  Perhaps especially older people; perhaps because when they grew up, controls were hard-wired, and devices didn't have any state other than the control settings, so you never needed to look.

            How do we avoid getting like that?  How do we keep up with technology?

            That's tricky.  I think one thing is to try to set aside preconceived ideas.  Perhaps that's why young folk pick this stuff up quicker: they're not trying to fit everything into their existing understanding, because they don't have any existing understanding.  They just accept what they see for what it is.

            And another is to play.  Children are also very good at this, but adults tend to look down on it.  Which is a shame, because exploratory play is how we learn about new things!  Obviously, with technology you have to be a little bit careful to avoid doing real damage, but having a good old play and poke around is a vital way of getting to grips with something new.

            In the Olden Days™, of course, this was easier: you could look through all the menus (or press all the buttons) to get a good picture of what was possible.  As software moves away from such old-fashioned UIs and is controlled more by gestures and swipes, that gets harder to see.  I think we're laying down a real problem with software discoverability.

            But I think it's just as important simply to keep your eyes open.

            --
            [sig redacted]
        • (Score: 2) by AthanasiusKircher on Sunday April 30 2017, @08:53PM (2 children)

          by AthanasiusKircher (5291) on Sunday April 30 2017, @08:53PM (#501993) Journal

          Um, which 70 year olds are those?

          People in my family. Relatives of my friends. Lots of older folks.

          I know at least a few people over seventy who have a programming background

          So do I. Please re-read my post. The one sentence you quoted sounds like an overgeneralization, but you will note that I specifically referred to blue-collar workers, many of whom may have retired before they got a lot of computer experience.

          In fact, with the single exception of my 89 year old mother I don't know a single person over the age of 65 who doesn't have smart phones, computers, or tablets, and usually all three.

          My family members I referenced have all three too. That doesn't mean they have any clue how to use more than their most basic features.

          It's absurd to suggest that we are any less capable of using technology than you are.

          I didn't suggest any older people are "less capable" of learning how to use technology. I used the word "intuition" in the very quote you used, which is something that generally comes from experience. I merely suggested that many older people lack significant experience, and it's pretty much an established psychological fact that older folks have a harder time absorbing new skills. I myself will admit to that -- I certainly don't "pick things up" as fast as I did 10 or 20 years ago.

          In other words, you can't complain about old people not understanding tech, and then also complain that they've taken over Facebook and Twitter.

          Who is complaining about older people taking over Facebook and Twitter? I don't give a crap about either.

          The problem is aptitude or training, not age.

          And my statement was that a larger percentage of people over the age of ~70 (maybe closer to ~75 now) had significantly less exposure to technology (which means less training) than people tend to in everyday work, etc. today. Therefore, the minimal skills many of them have are somewhat limited to tasks they actually do everyday (see the list at the end of my email).

          By no means did I mean to imply (and I certainly didn't say) that older people are all stupid or incompetent or whatever you think I said. And plenty are experienced and have spent decades working with computers, etc., but it's more likely to find those who AREN'T among older people than younger ones.

          • (Score: 2) by AthanasiusKircher on Sunday April 30 2017, @09:14PM (1 child)

            by AthanasiusKircher (5291) on Sunday April 30 2017, @09:14PM (#502001) Journal

            By the way, if anything my statements were meant to mirror the adage that was popular about 20 years ago about how people needed the grandkids to program their VCR. I assume you remember when people used to say that. And I'm sure, given your background, you were able to program your own VCR at the time. That didn't make the statement less apt for lots of older folks.

            But really what it was about was unfamiliarity with interfaces coupled with decreasing desire to experiment with new tech. How many older people back then really cared enough to program their VCR? Most of them certainly didn't fiddle around with buttons on the remote just to see what they did as their grandkids did.

            Now we have devices like tablets that have dozens or even hundreds of times the number of functions that those VCRs did, often with interfaces that are just as unintuitive, non-discoverable, and filled with jargon.

            • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @10:28PM

              by Anonymous Coward on Sunday April 30 2017, @10:28PM (#502022)

              the adage that was popular about 20 years ago about how people needed the grandkids to program their VCR. I assume you remember when people used to say that.

              Hey, Gramps! What's a "VCR"?

              (See, now the grandkids need a grandparent to explain what magnetic tape was, why we say "dial" a phone, and how to wear on onion on your belt.)

      • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @11:20PM

        by Anonymous Coward on Sunday April 30 2017, @11:20PM (#502040)

        You didn't understand my comment. What I meant was: it seems odd that someone wouldn't be permitted or trusted to have the root/Administrator password to administer his/her own computer. The asker knew the root/Administrator password, but seemingly didn't consider providing it to the owner of the computer. See the part about "having to drive down to the machine to see what they are doing, and log in with the appropriate account that can reset that password"?

        Any child over the age or 3 or so likely has better intuition about how to deal with computers and other modern tech than a 70+ year old family member.

        Given unsupervised physical access, it doesn't take much cleverness to find a bootable ISO that has chntpw, and gain access to an Administrator account on Windows. It takes less to find a bootable ISO and use it as a live CD. A child could do it. As for elderly people, even if they are forgetful or incompetent, we usually trust them to handle their own affairs. In either case, I question the value of keeping the root/Administrator password secret from the owner of the computer.

  • (Score: 5, Funny) by VLM on Sunday April 30 2017, @03:24PM (4 children)

    by VLM (445) Subscriber Badge on Sunday April 30 2017, @03:24PM (#501873)

    How do you Remotely Manage (AC's) Family's Computers?

    OK well when Auntie's linux kernel 3c509 driver isn't recognizing her ethernet card because its a newly released PCI identity with the same hardware but a different PCI identification thingie. If she had a working ethernet card she would have downloaded the patched version and not bothered me ... you walk auntie thru running lspci to find the PCI identity thing and then help her wander thru the filesystem to find her distro's kernel source and build system then edit the e2k driver to recognize the new PCI id number essentially hand replicating the patch then provide morale support while she compiles the kernel the "correct" way for her distro then install it and reboot and damn if it didn't work first time, I love stories that end that way. No big deal she did tougher tasks as a MVS370 sysprog before I was born, but why not ask a local guide for help and "kids these days" know all about linux so there I was. This is only a slightly fictionalized version of a real conversation 20 years ago. Auntie being a MVS370 sysprog is not the fictionalized part, of course by then she was a retired VM cluster and MVS/390 sysprog I think they were calling it "z-system" by then. One of those who still calls hard drives "DASD" decades later. She thought it was so cute that my first financial job site was running an older version of VTAM or CICS or whatever it was than she was running at that time obviously our sysprog was not as cool as she was. Whatever.

    log in with the appropriate account that can reset that password

    Oh, I thought you meant real sysadmin stuff, but you're actually asking what to do when your family is retarded (sorry for lack of political correctness, which everyone knows is a pretty high priority for me). You could ask for something you want in return, maybe get laid, but perhaps that kind of "keep it in the family" behavior how the family ended up full of retards to begin with, so rule that out. No AC, I think the final solution to your problem is adoption. Better get used to calling me "Daddy". We'll see who calls who for help, LOL.

    • (Score: 1, Funny) by Anonymous Coward on Sunday April 30 2017, @04:41PM

      by Anonymous Coward on Sunday April 30 2017, @04:41PM (#501905)

      Pretty much. There's no way that I'd drive several hours because somebody is being a dumb ass unless I can hit them.

      Other than that, perhaps point a web cam at the screen and tell the user what to type. Then get a robot arm to smack them remotely.

    • (Score: 1, Funny) by Anonymous Coward on Sunday April 30 2017, @05:04PM (1 child)

      by Anonymous Coward on Sunday April 30 2017, @05:04PM (#501913)

      Nice story. Non issue. If you are supporting family members, why are they updating their computers? Isn't that something *you* would be doing after testing?

      • (Score: 2) by VLM on Monday May 01 2017, @12:16PM

        by VLM (445) Subscriber Badge on Monday May 01 2017, @12:16PM (#502234)

        First of all you forgot to call me Daddy as per above. So that would be "If you are supporting family members, Daddy, why are they..." Secondly a woman who was applying IBM PTF patches to her mainframe before I was born can mostly handle "apt-get" by herself without nephew handholding.

    • (Score: 2) by Hyperturtle on Sunday April 30 2017, @06:31PM

      by Hyperturtle (2824) on Sunday April 30 2017, @06:31PM (#501942)

      Hey wait a minute! Auntie is pulling your leg; the PCI version of the venerable 3c509 family of 3Com cards never received 64 bit OSsupport!

      (Nor did the ISA card, which I expect she had working just fine in her windows 98 desktop until she upgraded...maybe it's a 'dual personality' slot that shares IRQs and DMA access for ISA 16-bit and PCI 32 bit slot resources?)

      And if you are trying to get the PCMCIA 10mb 3c50x cardbus dongley appendage to work for Auntie, make sure you use the original dongle cable because its wired for 10mb only due to missing about, oh, everything except for tx, rx, and ground...cat5 might work as long as you didn't plug the cable in fully). Still, thats way more than enough to connect in at 300bps over a shared dialup connection. Just make sure NETBeui is enabled so the mainframe printer was reachable it if wasn't IP enabled and you ran DLSW+ over a virtual token ring bridge to ethernet over dialup.

      Of course, if she was calling about the lp0 on fire message on her teletype, but had to hang up to call you but without logging out first, adoption may not even be necessary if you wait long enough for the automatic and continuous-feed combustable paper feeder to burn to its inevitable conclusion. I think that was the second leading cause of death when playing Zork without a CRT and relying on an echo of the line feed being routed to lp0.

  • (Score: 0) by Anonymous Coward on Sunday April 30 2017, @04:55PM

    by Anonymous Coward on Sunday April 30 2017, @04:55PM (#501908)

    You could set up a PC (or raspberry pi/similar) for remote access (e.g. openvpn via a non default port). If your family members need help, they turn it on and then it is a gateway for you to the other machines. When you're done shut it down.

    If you're very paranoid you could use port knocking or related stuff (e.g. port knocking with packets that contain a correct OTP), etc.

    But seriously, I wouldn't bother with the port knocking or more sophisticated stuff because if the first method isn't good enough for the attackers you encounter, your family are probably good as pwned whatever you do. After all they need help from you and you're asking for help on such stuff here ;).

    BTW setup some automated backups while you're at it (so if they get ransomware or hardware failures you might at least have some backups for them).

  • (Score: 1) by darkpixel on Sunday April 30 2017, @05:22PM (5 children)

    by darkpixel (4281) on Sunday April 30 2017, @05:22PM (#501916)

    I got sick of all the tools out there that were either expensive or didn't do exactly what I wanted, so I built my own. I still consider it early beta software, but it works for me. It's a combination of a windows agent that monitors event logs and certain failure conditions (backups, hard drives, etc...) and VNC bound to localhost on the client machine. It then starts an SSH tunnel and a reverse port forward that can be connected to through a noVNC terminal on the website. If anyone wants to play with it and/or provide feedback, it'd be appreciated. It's been free for the last ~18 months and I've had a handful of companies and users sign up and start using it. https://mspdna.net/ [mspdna.net]

    • (Score: 2) by Gaaark on Sunday April 30 2017, @06:13PM (2 children)

      by Gaaark (41) on Sunday April 30 2017, @06:13PM (#501936) Journal

      you should have on the front page some links for Documentation, About, a Wiki maybe?

      I don't want to give you even a throw away email address (why waste my time) just to find out ANYTHING about your software.

      (Is it open source? Will it be payware eventually? etc, bork bork bork?)

      --
      --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
      • (Score: 1) by darkpixel on Sunday April 30 2017, @06:47PM

        by darkpixel (4281) on Sunday April 30 2017, @06:47PM (#501947)

        Yeah--I totally get that. I'm a single developer who started developing it to 'scratch an itch'. I definitely need a page that explains that I won't spam your e-mail (you should get one and only one e-mail--the signup confirmation link), and how the software works, and how I secure your information. Like I said--early beta and I'm the only guy working on it.

        For the last year, I had dreams of 'making it big' (there are a few companies out there who get sorta close to what I have, and they charge $3-$5 per install), but lately I've been thinking about open sourcing it so people can self-host as well as a paid version in case you don't want to self-host.

        Additionally, I personally would be nervous about installing closed-source software on my computer. I just need to find the time to clean up some of the code, document it, write a README, and release the components. ;)

      • (Score: 1) by darkpixel on Sunday April 30 2017, @06:49PM

        by darkpixel (4281) on Sunday April 30 2017, @06:49PM (#501949)

        I should add: Go ahead and fake whatever info you want on signup. The only thing you need is a valid e-mail address to get a confirmation e-mail. If you're worried about security, play around with it on a Windows VM that has been snapshotted, or is in an isolated environment. Eventually I will get around to cleaning up the signup form to ask for less information and have a FAQ on the .com site.

    • (Score: 2) by kaszz on Sunday April 30 2017, @06:22PM (1 child)

      by kaszz (4211) on Sunday April 30 2017, @06:22PM (#501939) Journal

      Do you live in a USA jurisdiction so you can be compromised via funny letters? :p

      • (Score: 1) by darkpixel on Sunday April 30 2017, @06:43PM

        by darkpixel (4281) on Sunday April 30 2017, @06:43PM (#501945)

        Yes, unfortunately. Great question though, as I have been thinking about ways around that.

        Specifically making the SSH component available for anyone to download and install so that you can spin up your own SSH endpoint for remote management.

  • (Score: 4, Insightful) by turgid on Sunday April 30 2017, @07:02PM (1 child)

    by turgid (4318) Subscriber Badge on Sunday April 30 2017, @07:02PM (#501952) Journal

    Everyone in my family knows I don't "do Windows." Problem solved.

    Similarly, at work, I don't "do Windows." I'm far more productive than most other people. I don't waste time on Windows nonsense, so I get more practice honing useful skills. The boss respects that. By the time people have negotiated with umpteen managers and the IT department to get some crazy piece of closed-source software with a shiny GUI installed, I've usually written a couple of shell scripts to solve the problem and to automate it in future.

    There are people today who have never heard of cron.

    What is the world coming to? I know, systemd.

    • (Score: 4, Funny) by aristarchus on Sunday April 30 2017, @07:50PM

      by aristarchus (2645) on Sunday April 30 2017, @07:50PM (#501969) Journal

      What is the world coming to? There are people today who have never heard of cron.

      There is this:

      Between the time when the oceans drank Atlantis and the rise of the sons of Aryas, there was an age undreamed of. Let me tell you of the days of high adventure!

      But even when people had heard of Cron, they did not necessarily like him all that much:

      Cron, I have never prayed to you before. I have no tongue for it. No one, not even you, will remember if we were good men or bad. Why we fought, or why we died. All that matters is that two stood against many. That's what's important! Valor pleases you, Cron... so grant me one request. Grant me revenge! And if you do not listen, then to HELL with you!

      (Slightly modified from Conan's original soliloquy.)

  • (Score: 3, Interesting) by Aiwendil on Sunday April 30 2017, @07:17PM

    by Aiwendil (531) on Sunday April 30 2017, @07:17PM (#501956) Journal

    For those running linux-systems I set up I use a very oldschool method:
    I simply leave a bootable usb-stick that sets their password back to a default (written on the stick), and I have a startup-script in their system that demands setting a new password if it derects the default is in use.

    Regarding anything with errornessages they know my first thing will be to ask for an mms with a photo of the error, and anything hardwarerelated will need photos of the tag with maker/model and one of the ports.

  • (Score: 2) by archfeld on Sunday April 30 2017, @07:56PM

    by archfeld (4650) <treboreel@live.com> on Sunday April 30 2017, @07:56PM (#501973) Journal

    other than my brother who is capable of managing his own computer, my extended family uses windows 7/10, so password recovery is a simple thing. Either via safe mode or thru their Microsoft ID.

    --
    For the NSA : Explosives, guns, assassination, conspiracy, primers, detonators, initiators, main charge, nuclear charge
  • (Score: 3, Funny) by Sulla on Sunday April 30 2017, @08:15PM

    by Sulla (5173) on Sunday April 30 2017, @08:15PM (#501978) Journal

    Well if a family member called I would tell them that the correct procedure would have been to access the online portal and submit a properly formatted service request, then I would hang up.

    These people, you think I am going to drop everything and fix a problem on your terms? The service request system exists so that requests can be ordered and completed by priority. Not going to have my one service tech busy on the phone when I am trying to play solitare.

    --
    Ceterum censeo Sinae esse delendam
  • (Score: 1) by oregonjohn on Sunday April 30 2017, @08:31PM

    by oregonjohn (6105) Subscriber Badge on Sunday April 30 2017, @08:31PM (#501984)

    NeoRouter, easy search, works for me. There is a free version. You create a server (probably on your own computer) then install clients with passwords on whomever you wish.

    NeoRouter works on Linux and Windows, Mac, mobile, html5, in-a-box (the server that is), freeBSD. There is a paid mesh service available so the server is not stuck on one computer, the pro version offers a firewall and other options. The pro version is not that expensive and helps support their efforts. Not open source.

    NeoRouter starts at boot so you can see the password screen on a client.

    While they make it easy to have ip address of the server connect via a name, you can set your own server ipaddress instead. You can also change the default port if you wish.

    Happy user, not affiliated with them.

  • (Score: 2) by turgid on Sunday April 30 2017, @08:53PM

    by turgid (4318) Subscriber Badge on Sunday April 30 2017, @08:53PM (#501994) Journal

    Is that still a thing? My father used to swear by it, even though VNC and SSL had been about for several years. Then he'd spend hours on the phone ranting about all the trouble he'd had remotely accessing the servers...

    He's retired at last, and he reckons he's going to give this newfangled Linux technology a try one of these days. I put Mandrake on his laptop for him in 2001 IIRC but logging in with a username and a password was "so old-fashioned."

  • (Score: 2) by darkfeline on Sunday April 30 2017, @09:53PM

    by darkfeline (1030) on Sunday April 30 2017, @09:53PM (#502014) Homepage

    The best thing to do is to give them something like ChromeOS where you don't have to manage it. Everything is in the cloud, you don't have to worry about backups, you don't have to worry about viruses for the most part, if the machine breaks you can get it repaired or replaced since all of your data is in the cloud, the hardware is interchangeable. Pre-packaged apps are provided through a controlled app store, and most things are web apps now anyway.

    Of course you sacrifice some privacy (depending on how much you trust Google with your aunt's cat photos), but you can't have your cake and eat it too.

    From what I've heard from my younger sibling, schools are adopting ChromeOS for the cheap price and ease of management. I expect the "think of the children" folk will (have already?) weed out any glaring privacy issues.

    --
    Join the SDF Public Access UNIX System today!
  • (Score: 2) by kaszz on Monday May 01 2017, @12:56AM

    by kaszz (4211) on Monday May 01 2017, @12:56AM (#502071) Journal

    The question you got to answer yourself is why is the relative or friend allowed to use the most retarded OS that can be found and then make it your burden to fix for free?

  • (Score: 0) by Anonymous Coward on Monday May 01 2017, @03:30AM

    by Anonymous Coward on Monday May 01 2017, @03:30AM (#502118)
  • (Score: 0) by Anonymous Coward on Monday May 01 2017, @08:58AM

    by Anonymous Coward on Monday May 01 2017, @08:58AM (#502193)

    As the family Linux user, I only remote admin my brothers Linux server.

    I remote admin my brothers Linux servers using a well known tool called OpenSSH.
    My brother remote admins the Windows machines of the rest of the family using another well known tool called Corolla.

(1)