Trinca's Tech Talk

LogMeIn and the joy of painless remote connection
— 2:37 PM on August 5, 2010

Like many TR readers, I often find myself called upon to aid friends and family members with their technical problems. I'm usually happy to oblige. My liberal arts education has given me few other useful skills, and besides, when I am done troubleshooting, I sometimes get pizza.

Providing phone-based support is tricky, though. There's nothing quite like trying to troubleshoot over the phone to make you wish you were in a dark alley somewhere, taking a vicious beating. That would be less painful. If I want to help out a friend without spending the time and effort it would take to write my own OS from scratch, I really need some form of remote control software.

Windows XP and later editions include Remote Assistance, a rudimentary remote control application. This software, while useful in a pinch, requires that the connection be initiated by the person you are trying to help. Depending on their level of technical know-how, this process can actually be somewhat tedious.

Professional versions of XP, Vista, and Win7 let systems host a Remote Desktop connection. In terms of offering tech support, though, it should be noted that your mother who uses the Internet primarily to check movie times is unlikely to be using more expensive or business-centric editions of Windows. Another caveat with Remote Desktop is that you must know the IP address of the host system. In my experience, both Remote Assistance and Remote Desktop can be blocked if routers aren't configured to accommodate them. If you thought talking your grandmother through updating her virus definitions was frustrating, wait until you have to ask her to enable port forwarding on her router so you can connect remotely.

Remote control software is helpful if I want to check in on my own PC, too. When I'm at a friend's house or away from home for an extended period of time, being able to access my own PC from anywhere is great—whether I need to grab a file I forgot to put on my encrypted thumb drive or perhaps to fire up uTorrent to start downloading all the Linux ISOs and public-domain music that have made The Pirate Bay so popular.

I have found LogMeIn to be an indispensable, free alternative to other remote desktop access software. A small LogMeIn applet needs to be installed on each computer that you wish to connect to, but in my experience, this initial inconvenience is very quickly outweighed by the easy remote access that follows. The software is compatible with versions of Windows dating back to WinME; though if someone you know is still using ME, they have a serious problem that cannot be solved by any amount of remote troubleshooting. A slap in the face might be a good start. LogMeIn also has a Mac version compatible with OS X 10.4 onwards.

Both free and various pay versions of the software are available. I am incredibly cheap savvy when it comes to spending my own money, so I inevitably opt for freebies when they're available. In choosing to pay nothing for LogMeIn, I sacrifice remote sound, remote printing, and other, more esoteric features. In spite of those omissions, the free version is still a perfect fit for basic use. The sign-up process is quick and painless, and anyone handy enough to be counted on for computer help—or geeky enough to need remote access to his own PC—should have no trouble grasping it. Unsurprisingly, the website makes a strong effort to steer you toward one of the fee-based tiers. However, if you persist in selecting the free version, the site automatically offers a two-week trial of the pro version—not a terrible idea, since no credit card number is required, and the trial automatically reverts to the free version after expiring.

Once logged into your LogMeIn account, you are greeted with the following screen, which lists of all the machines tied into your account, as well as various places to change your account settings:

The My Computers screen lets users select the PC they wish to control. The prominent green "Remote Control" button is only visible beside the computers that are currently online.

Once you have clicked that button and entered the User Name and Password for the remote PC, you are logged in and ready to take control. At this point, any number of options can be tweaked.

The toolbar that appears when "Options" is clicked provides quick and easy access to screen resolution, color quality, and other settings you might want to dial down if you're working with a slow connection. I have tested this software over some relatively pokey Internet connections and still never experienced sluggishness.

If you click "Preferences" in the left-hand column, LogMeIn gives you an opportunity to lock down the security settings further.

I found the "Personal Password" setting to be of particular interest. With it enabled and a password entered, the next time I connected to the PC I was greeted with this screen:

Presumably, the pull-down menus serve to defeat keyloggers that might be installed at nefarious Internet cafés. Password protection could also serve as a temporary stop-gap should you walk away from an unlocked PC without logging out of your LogMeIn account. A knowledgeable interloper could probably disable the personal password prompt, but this should definitely help stymie casual snooping. In any case, it's nice to see LogMeIn offer effective yet relatively unobtrusive safeguards like this one.

LogMeIn addresses all of the major concerns I have with the various versions of Remote Assistance and Remote Desktop packages offered with Windows. Regardless of the network of routers, switches, and firewalls between me and a host PC, LogMeIn has always connected flawlessly. It also eliminates the need to know your IP address, something that makes a spur-of-the-moment remote connection to your home PC much more feasible. In addition, there's no question that the broad OS support is a boon to anyone dealing with dated or home versions of Windows or helping out a Mac user.

All in all, I think LogMeIn is a great solution for remote access, provided you are willing and able to do the initial setup of the host software on each PC. Microsoft does offer some serviceable tools in this area, but the router issues and Remote Desktop hosting limitations have caused me to convert to LogMeIn.

47 comments — Last by LoneWolf15 at 1:13 PM on 08/13/10

Getting to grips with thumb drive encryption
— 8:40 PM on July 14, 2010

Join us in welcoming Matt Trinca, the newest addition to TR's roster of bloggers.

I recently found myself in the market for a new thumb drive. In the process of doing exhaustive research for the purchase, I discovered a plethora of options, particularly with regard to security. I was both impressed and a little intimidated by some of the security features offered—I half-expected some of these drives to come with a cyanide capsule in case of capture.

My last name being neither Bauer nor Bourne, someone accessing the contents of my flash drive is not my worst fear. My worst fear involves rabid sharks with lungs that allow them to breathe on land. But enough about my crippling phobias. I think it's fair to say we all have sensitive data we'd rather not share with the world at large: Outlook PST files, financial information, blog posts for our Billy Joel fan page, etc. After giving the matter a little more thought, I came to the conclusion that I didn't really need a new thumb drive. What I needed was a way to secure some of the data on my existing thumb drives. That seemed easily doable with some third-party software.

I briefly considered using BitLocker, the encryption tool built directly into Windows 7 Ultimate. However, a look at its limitations convinced me otherwise. BitLocker allows versions of Windows from XP on up to read encrypted data, but write privileges are restricted to Windows 7 Enterprise or Ultimate—something pretty rare amongst my circle of friends. Furthermore, BitLocker seems to be an all-or-nothing deal—you encrypt either the entire drive or none of it.

I ultimately decided on TrueCrypt, a free, open-source disk encryption tool compatible with any version of Windows from XP onward, as well as Mac OS X and Linux. TrueCrypt encrypts file names, contents, and metadata on the fly using a wide variety of encryption algorithms. If you are willing to devote some time to the subject, both the program and the TrueCrypt website provide details about each encryption method. In short, though, anything locked down with TrueCrypt is a tightly closed book. I think it's fair to say that the FBI would agree, having failed to crack open TrueCrypt-encrypted hard drives seized as part of a criminal investigation over a year ago.

Being new to the program, I chose all the default installation options—it felt a little early to start customizing. My life experience so far is certainly vivid proof of the saying, "A little knowledge can be a dangerous thing," and I assumed this was doubly true when it came to matters of encryption. The installation process was straightforward and uneventful. Once it finished, I returned to the website to get a general sense of the program and check out the FAQ.

I discovered one major caveat while reading through the TrueCrypt tutorial: when run in portable mode (i.e. off the USB drive itself), the software requires administrator privileges. That can certainly pose a problem at most workplaces or Internet cafés. However, if you're spending your time at work or at the Internet café poring over plans to overthrow the government, intently scrutinizing bank safe blueprints, or merely looking at, ahem, "modeling" photos, I would suggest reevaluating both your work ethic and desire to remain discreet. For my own personal use, this limitation wasn't a deal-breaker—I was just looking to maintain some semblance of privacy in the event my thumb drive was lost or stolen.

While reading the comprehensive FAQ, I saw I had two choices: either encrypt the entire USB drive (and everything on it) or create an encrypted file container. The second option appealed to me, since I often carry around files to share with friends and colleagues. The idea of being able to loan the drive on a temporary basis while still maintaining a private sphere of files seemed ideal.

It was time to get to work. I launched TrueCrypt and chose "Create Volume" from the main window, at which point the program walked me through creating the container file.

TrueCrypt presented a number of security options along the way, and I generally rolled with the suggested defaults, for simplicity's sake. As you can see from the screenshot below, the program offers a basic level of detail on the methods selected, as well as links that provide even more information.

After accepting the default encryption settings, I was given the chance to determine the size of the container file, as well as the password required to open it. With that done (and I should note that my password was strongly frowned upon by TrueCrypt for being shorter than 20 characters), I was greeted with the following screen:

This screen encourages the user to move his mouse as randomly as possible to "increase the cryptographic strength of the encryption keys." I followed the directions in the interest of security, all the while unnerved by how much such random, meaningless mouse movements closely resembled a typical day at the office for me.

Following that, I clicked Format. After a few short minutes, TrueCrypt announced that the container had been created. I could now rest easy knowing there was someplace safe to store my Buffy fan fiction blueprints for building a perpetual motion device.

In order to make TrueCrypt accessible anywhere I have appropriate admin rights, I copied the entire TrueCrypt folder from my Program Files directory onto the root of my thumb drive. I then removed the thumb drive from my computer and plugged it back in to experience the unlocking process from the beginning.

With the drive back in, Windows gave me a set of typical AutoPlay options. I chose "Open folder to view files" and was soon viewing the TrueCrypt folder and a generic-looking file titled admin (my container file). To unlock that file, I simply launched the TrueCrypt executable on the drive, chose "Select File" from the main program window, navigated to the admin file, clicked "Mount," and entered the password when prompted.

At this point, Windows mounted my container file with a separate drive letter, giving me full read and write access. The encryption and decryption of files inside the container was completely transparent to me, and the bit-shuffling process didn't seem to affect the time it took to create, save, copy, or edit files. The USB 2.0 interface was presumably the real bottleneck—even on low-end processors, TrueCrypt encrypts and decrypts data more than quickly enough to saturate that interface.

There's probably a lot about this setup that could be improved and tweaked over time. For now, though, it's a definite improvement over a complete lack of encryption. This approach is also quite economical, since it allows you to add robust encryption to an existing thumb drive with software that's available free of charge.

26 comments — Last by Dirge at 11:04 PM on 08/06/10