So I’ve been using Rustdesk with a self hosted server for business and personal use now for some time. However, it is definitely the sketchiest foss software I’ve used. It seems to be based in China but the developers keep lying and saying its in Singapore.
Here is a list if everything I’ve found:
https://www.reddit.com/r/selfhosted/comments/14kjvkg/community_consensus_on_rustdesk_with_all_the/
https://github.com/rustdesk/rustdesk/discussions/1159
https://www.reddit.com/r/rustdesk/comments/y230hf/my_rustdesk_client_try_to_communication_with/
https://www.reddit.com/r/selfhosted/comments/10ppntj/reminder_about_the_shadyness_of_rustdesk/
https://www.reddit.com/r/selfhosted/comments/uurta8/_/
It seems that now the clients and OSS server are completely foss which is good. They also no longer have public servers in China according to them. In the client itself it also now has better defaults so you are less at risk of getting attacked.
It still is sketch but it now is slightly less sketch I guess? Either way its not ideal.
You must log in or register to comment.
If you have a custom DNS, be sure to block all the relay domains they use and block the respective ports from external access. Even if you disable the settings to avoid relays, they don’t acknowledge them and continue to try and phone home somewhere. Just checked the latest version on my phone, which has no relay setting configured, before commenting on this and sure enough, still true. Just logged an entry to rs-ny.rustdesk.com on my DNS, which of course was blocked. Desktop app has an option to disable them if I recall, but it never worked for me.
That out of the way, it is a very good local network software for remote access. Way faster than the alternatives I’ve tried.
Honestly we need a fork. Thanks for the advise.
Was this on a self-hosted install?
I’m not seeing any calls to *.rustdesk.com when I’m starting, stopping, or using a self-hosted version on Windows.
Or is it calling from home via the docker container?😵
Was using AnyDesk (until it went to shit), then Teamviewer (before they went to shit) and a ton of other VNC and remote desktop options, but did finally land on self-hosting RustDesk.
It’s been VERY solid and reliable for me, but what you just brought up concerns me.
I checked my filter log (from Adguard on Windows) to see if Rustdesk is calling home, and I’m not seeing anything after multiple connections and several hours of use. I guess these things aren’t a concern with the self-hosted deployment?
I never ran it since i got scared by the shit they done with ‘wayland support’ which smells like really bad code practices. Patch
But i still somewhat want to use it since it seems much less hassle then teamviewer and anydesk these days.
I don’t believe it does that anymore and the flatpak never did that. On Reddit they did admit to it being a terrible design.
It does not matter to me if it is still there or not. The point that this was in a release makes me question their code and release practices.
Here is an alternative Piped link(s):
https://piped.video/JIAdEGX_sIU
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Do you have the same hangup of 7zip being from Russia?
Not really. Russia is problematic but not to the same extent. Also they are much more transparent and the 7-zip software doesn’t require a server.
So your point is that a FOSS application made in China is sketchy by default or what exactly?
Damn, you Americans are really brainwashed that everything that originates from China is bad.
You know you are free to use TeamViewer or Anydesk and no one is forcing you to use Rustdesk.
Software and hardware from China is known to be compromised on arrival. The CPP is a dangerous authoritarian government and they heavily influence private business in very nasty ways.
As for Team viewer and Anydesk, they are proprietary and can not be trusted. At least Rustdesk is Libre. The most concerning part about Rustdesk is that they delete issues that question the source of the software or Rustdesk’s potential to be influenced by the CPP.
The US government is a dangerous authoritarian government and they heavily influence private business in very nasty ways.
If I am remembering correctly, Australia also has laws that allow the government to force private companies to build backdoors. I think it was the Ass Access Act.
Oh yeah I’m not denying that.
I’m just saying its short sighted to take any shots at China when the west are authoritarian themselves.
The difference is that there is SOME accountability in the West and we can, to an extent, influence who leads us, especially in Europe.
So if flagrant misuse does appear, there’s a much higher risk of it being discovered and of heads rolling in the west.
Think of the number of exposed scandals in the West and compare that to China.
And I’m not throwing shit China’s way and thinking the West infallible. I’ve been to China plenty and worked with awesome Chinese people plenty. There’s a lot to love in China.
But let’s not get lost in whataboutisms. Where would you rather raise your children?!
Yea, we do…
The US government is in fact not authoritarian. As for influencing private business that is a real concern but at least here it isn’t illegal to stay private. I can vote for my officials and criticize the government without fear.
The US is especially authoritarian.
And if you think you actually have a choice in candidates, let alone any good ones you’re sorely mistaking.
Voter suppression is a widely used tactic to influence votes away from low socio economic areas and black communities.
I mean the same thing can be said about the USA, also if there are that many problems why don’t you just check the code, it’s one of the main strengths of open source software.
The USA isn’t nearly as bad as China. I can access or create any news source for example. You also don’t see people posting about GNU being compromised by the NSA.
Its always good to verify though.
It’s literally a third-party service that let’s others control your desktop. Doesn’t matter how FOSS the clients and end servers are, one also needs to trust the intermediate servers. If those running them are caught dishonest about which country they’re located, the trust evaporates. China or not.
Even in FOSS, parts can be so cryptically written, that no one really understands the code. There is even a tournament about that. When the shady person is the maintainer, it is even easier to implement a backdoor that way.
(Not saying there is or is not)
“So your point is…”
Perhaps the single most dishonest way to begin a sentence
Can you answer me if he will have questioned this piece of software if it was developed in the US, Europe or any other part of the world? And he presumes that by default if something is developed in China must be riddled with backdoors.
Same with the Huawei’s network equipment, that the US forced so many governments not to use. And to the best of my knowledge this was never proven.
Shall I also remind you that the US isn’t spotless either https://www.vice.com/en/article/5d9bp8/us-spies-allies-south-korea-pentagon-leak
U.S. officials have been scrambling to mend ties with its allies following a leak of secret documents showing that the U.S. spied on its friends—again.
Is it really impossible to critisize a leftist even the slightest bit without them flying completely off the handle? I only critisized your wording.
So now I got labelled leftist? That’s very presumptuous of you, don’t you think? You know there are more shades of gray and in normal democracies we have more than two political parties. But nice of you trying to generalise my whole personality, based on a couple of sentences, written in a social platform.
And for the record, English isn’t my native language. And surprisingly there are other reasonable human beings living outside the US (surprise, surprise) who might have slightly different world views from you. The world doesn’t revolve around the US, no matter what your politicians are telling you.
Literally only leftists repond with 5x as much text as whatever you said to them
It’s like I’m psychicly DDOSing you
I can only feel sorry for you and would strongly recommend you to seek some specialised help.
It sound like you are personally offended by this because you are Chinese, but as an European, I share your sentiment. I don’t trust either Chinese, nor American solutions. After all, after Snowden, we know American solutions are systematically compromised.
I am not Chinese, I am born and raised in the EU and I am Caucasian.
I am just irritated that FOSS software is being questioned just because it might have been developed by Chinese programmers.
And for the record you can’t be sure that any commercial software isn’t compromised or it doesn’t have backdoors, it just makes detecting those backdoors a lot harder.
Foss from places with known APTs are more secure than non-foss too personally. It would be daytime robbery compared to an inside job to implement spyware. It’s been done and should be monitored for though.
