I’ve been using rustdesk for while, and it works very well for me. The news of it being somewhat opaque, and developed from China, makes me a bit nervous.

Is there a FOSS equivalent that won’t make me jump through hoops, and be easily installed by someone else remotely?

I would like to be able to have it run at startup in Linux and windows, have a fairly complete feature set, like file transfer, copy paste, etc.

Also it’d be great if it could be easily installed by someone else remotely. I do SMB support, usually onsite, which is why it’s not cost effective to pay for a Teamviewer or Anydesk license.

I’m taking a look through flathub, but recommendations would be greatly appreciated.

  • Red5@lemmygrad.ml
    link
    fedilink
    arrow-up
    16
    arrow-down
    1
    ·
    2 months ago

    Rustdesk is FOSS, no? You could certainly run an instance yourself to be more comfortable with where the data is going.

    • ShortN0te@lemmy.ml
      link
      fedilink
      arrow-up
      12
      arrow-down
      2
      ·
      2 months ago

      The installer has included a root certificate before that gets installed without asking. Also there are some code blobs in the code iirc.

      Also how they handled the initial wayland “support”.

      It is relatively easy to smuggle in backdoors if you are the maintainer of the code and afaik there was not even an independent audit.

      Saying it is fine just because of it being OS is really naive.

  • Sam Black@lemm.ee
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    5
    ·
    2 months ago

    If you’re comfortable with Rustdesk but wary of the developer, you could try HopToDesk, which is a fork of Rustdesk but the company is based in the US.

      • Sam Black@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        1 month ago

        If you’re in the US, maybe?

        I only suggested it as Rustdesk not so long ago had no self-hosted FOSS server, whereas HopToDesk did - it’s been a while since I’ve reviewed FOSS remote desktops so I probably should again.

          • Sam Black@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 month ago

            The company linked in the github issue is a property company, and the sole director has other property companies - I doubt its making Hoptodesk.

            There are a number of “Begonia Holdings LLC” listed in the USA hence my thinking its US based.

      • Billegh@lemmy.world
        link
        fedilink
        arrow-up
        2
        arrow-down
        6
        ·
        1 month ago

        No, but a “company” in China has far less autonomy from the government in China than one in the US. For some people, that can be stressful

        • jackT@feddit.org
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          2
          ·
          1 month ago

          Untrue. Although it’s more likely for china to (ab)use this, but legally the us is just as „bad“.

          • Billegh@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 month ago

            I wasn’t comparing badness or abuse, I was comparing autonomy. In the US they have the option to use the legal system to fight against things they don’t want to do. Usually ineffective, sure. But the option is there. Not so in China.

    • elucubra@sopuli.xyzOP
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      2 months ago

      Thanks. I’m trying out HopToDesk. As I understand it’s a clone. Works pretty well. I hope they don’t pull any shenanigans

  • taaz@biglemmowski.win
    link
    fedilink
    English
    arrow-up
    6
    ·
    edit-2
    2 months ago

    Before RustDesk I have used NoMachine but that’s completely proprietary (Luxembourg company, except for the old core protocol - NX 1).
    Afair I am afraid that there isn’t an all-in-one foss desktop remote software as good as RustDesk currently.

    • egerlach@lemmy.ca
      link
      fedilink
      arrow-up
      2
      ·
      1 month ago

      X2go is the successor to NX and works well IMO, though I’ve never tried Rustdesk to compare.

    • ShortN0te@lemmy.ml
      link
      fedilink
      arrow-up
      8
      arrow-down
      4
      ·
      2 months ago

      You are not running the software cause you do not trust the ppl running it? So you do host the software anyway? Just because it is OS and just because you can run it on your own hardware does not mean you can blindly trust it.

      • tekato@lemmy.world
        link
        fedilink
        arrow-up
        12
        arrow-down
        3
        ·
        2 months ago

        You can literally monitor where the data is being transmitted. There is no need to trust anyone. If it was sending data to anything that isn’t your relay server, you’d be able to easily prove it.

        • ShortN0te@lemmy.ml
          link
          fedilink
          arrow-up
          5
          arrow-down
          7
          ·
          2 months ago

          It could install software that transmits the data some time else. Basically something virus would do. The code can be hidden somewhere or loaded from somewhere with simple code.

          Those are basic tactics used for years by malware. If just simply monitoring would be enough to protect against malware then we would have way less problems.

          You should never run untrusted code or code by untrusted ppl.

          • tekato@lemmy.world
            link
            fedilink
            arrow-up
            11
            arrow-down
            4
            ·
            1 month ago

            Sounds like you made up your mind on RustDesk being malware, even though there is no proof. All of your replies are “could/can” without even a hint of factual information on RustDesk being some sort of Chinese backdoor, so I guess we can stop this discussion.

            • ShortN0te@lemmy.ml
              link
              fedilink
              arrow-up
              6
              arrow-down
              2
              ·
              1 month ago

              I am talking about it in general. If you trust it or not depends on you. I am just saying that the argument that it is OS or that you can host the server yourself does not automatically mean that it is safe. That applies to any software.

      • tekato@lemmy.world
        link
        fedilink
        arrow-up
        10
        arrow-down
        1
        ·
        1 month ago

        Bad coding practices is not malware, that just means the devs are not experts. Also, these were fixed when pointed out by the users, which is the whole point of being open source. The only reasonable issue is the direct modification of the GDM config, which required the user to click a button.

        • angel@sopuli.xyz
          link
          fedilink
          arrow-up
          4
          arrow-down
          1
          ·
          1 month ago

          What about the certificate installation on windows? Besides, I never claimed it’s malware, but it’s certainly software I wouldn’t trust.

          When running older Rustdesk versions on wayland it would display a notification saying “Rustdesk doesn’t support Wayland yet”, containing a button labeled “Fix it”, which is the button you’re referring to. There’s no way for the user to know that clicking this button will edit their GDM config and disable Wayland.

          • tekato@lemmy.world
            link
            fedilink
            arrow-up
            6
            arrow-down
            2
            ·
            1 month ago

            What about the certificate installation on windows?

            That’s simply bad software practice, which was fixed once pointed out. Fact is that if they had done this on purpose, they wouldn’t have changed it and instead, would’ve came up with an excuse to keep it the same way.

            I never claimed it’s malware

            I don’t keep track of who says what on this app. Many people in this thread have the idea that RustDesk is some sort of Chinese spyware that is secretly transmitting their files to the CCP. If that’s not your opinion, then I guess we are not in disagreement.

            There’s no way for the user to know that clicking this button will edit their GDM config and disable Wayland

            Yes, that’s the wrong way to do it, which is why they changed it. I’m not saying this is perfect software developed by experts, but the idea that RustDesk should be avoided at all cost is insane, specially when they have fixed every issue that was raised.

            The only thing they are missing is a security audit done by a third party, which costs money and I doubt they care enough to pay for that just to stop all the finger pointing.

            • angel@sopuli.xyz
              link
              fedilink
              arrow-up
              3
              ·
              1 month ago

              We’re not in disagreement about whether rustdesk is malware or not, but I think the developers being incompetent is also a perfectly valid reason to avoid it. Sure, they have fixed most if not all major issues that were reported to them eventually, but who knows when they’ll mess something up again.

              Also, some issues weren’t really resolved timely, take for example the issue where rustdesk autostarted on each boot. That one has been actively ignored for over a year, which is the opposite of building trust.

            • ShortN0te@lemmy.ml
              link
              fedilink
              arrow-up
              2
              ·
              1 month ago

              That’s simply bad software practice, which was fixed once pointed out. Fact is that if they had done this on purpose, they wouldn’t have changed it and instead, would’ve came up with an excuse to keep it the same way.

              This is not correct. While they have removed it from being installed on newer installs/updates, the certificate remains on the system that ran the corresponding version installer/upgrade unless it will be manually removed by the few percent that got the news.

    • elucubra@sopuli.xyzOP
      link
      fedilink
      arrow-up
      1
      ·
      2 months ago

      As I mentioned, I use remotes occasionally, so I’m trying a low fuss solution. If my bread and butter were remote support, I’d probably invest time in a more customized set-up

    • dino@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      3
      ·
      1 month ago

      China wants so see all our clients browser history in order for their secret AI to produce exactly what we want to buy next as cheap and fast as possible. World domination secured.