Now that the COVID-19 outbreak has officially reached the pandemic status companies like Google and Twitter – as well as thousands of smaller businesses - tell their staff to work from home. This seems to be a wise strategy given how dangerous and highly contagious the new virus can be.

Viewer for Mac/Linux is available for beta testing (download for Mac or Linux) at no cost. Beta 1 has a limited feature set — more features are going to be added in subsequent beta releases (Beta 2, Beta 3 etc.) and the final release.

This blog post is an overview of Beta 1 with information on how to get started with the program. We will use Viewer for Mac as an example — everything written below also applies to Viewer for Linux.

Remote Utilities default security settings are strong enough to satisfy even the strictest requirements. With its persistent end-to-end data transfer encryption and certificate-based Host and Server identity verification the program protects your remote transfer data from unauthorized access and warns you if your remote modules are tampered with. Besides, you must enable at least one authorization method and enter access credentials in order to log in (authorize) on a remote Host.

But what about other security features which are not enabled by default? Further reinforcing your already strong and impregnable fortress will never hurt after all. Continue reading below to learn how to turn on additional layers of protection.

Starting version 6.10 you can specify your SMTP server settings in the MSI Configurator and therefore use your own email account for sending Internet-ID notification emails to yourself. You may use any type of SMTP server, e.g. a free account such as Gmail or a corporate email account.

With the new feature you can edit the message template. For example, you can translate it to your native language or otherwise alter the message. Just don’t forget to include the necessary variables (marked “%”) in the message.

This has been a massive release in terms of encryption and authorization. We implemented a more modern TLS 1.2 encryption algorithm which is the today's de facto standard for advanced remote access software. The authorization system has also been significantly improved — now you can enable several authorization methods on the Host and use them side by side.

Another major improvement is 2-step verification (2FA, or "2 factor authentication"). This verification acts as an additional layer of protection against unauthorized access to your Hosts. With the 2-step verification enabled — you can use a smartphone app such as Google Authenticator to view the 2FA code — no one can get access to your Host even if they guess the password.

PIN-code protection for Internet-ID

This is related to your use of the self-hosted server for Internet-ID connection.

Problem

Previously, anyone who knew your server address and port could use your server to broker an Internet-ID connection for their own Viewer and Host the same way you did for yours. This could result in unidentifiable Hosts hanging in the "Idle" and "Active" tabs in the server Admin Console. While not a security vulnerability per se, it was still an annoyance.