Screens Connect on my Mac - is it secure?

I am considering enabling my iMac to respond to an incoming connection from “Screens” when I’m out and about. It sounds really convenient to have access to my Mac from anywhere.

However, I am kinda worried about the security aspect here. I will need to set up a port to accept ALL connections from the wild, just in case it’s me. Software routinely ship with bugs, some of them serious, some of them not even identified, potentially leaving my machine open to attacks (not that I’m a target for my content, I’m thinking more of crypto-miners and ransom-ware and botnet-minions). The port scanners will have my IP/port-number in a matter of hours from enabling it.

Talking myself out of it as I type, but am I too paranoid on this? Curious to hear how others are managing this type of service.

If you use screens connect on your mac you don’t need to open ports / port forward.
Add it to your screens account and you can connect from anywhere.

1 Like

Really? That is interesting. Will check it out. Thanks!

@aardy Sorry, no go. Port forwarding was indeed required. The software told me to turn on UPnP in the router for it to be able to open any darn port it wants to. UPnP is always disabled for any network I run, it’s a crazy contraption that is really dangerous. (Any device can request any port to be opened, with no notification, no approval from user or even a mechanism to list and review what ports have been opened behind your back.)

Fair enough, I hadn’t checked it for UPnP

You can try Jump Desktop . I couldn’t get Screens to work at work (ha) as I can’t open ports on the router. But Jump Desktop works.

I use screens with a privacte VPN. I Have a synology router and VPN into that, and from there use screens to access my macs. Most routers would have that functionality. It works great for me.

2 Likes

that also uses a connect app, doesn’t it? So again opening up a connection (though through different mechanism) That would again give 3rd parties a potential entry into your network?

Thanks, this might be the way to go, running a proper VPN. That should be possible on my router too.

Update: I configured my network with a VPN server and set up a new VPN profile on my iPad Pro. I also needed to add a static route between the VPN-network and the internal LAN. So, once authenticated, I can now reach the iMac using Screens. As far as Screens is concerned, it believes it is on the LAN, and the L2TP VPN is encrypting and tunneling my traffic.

Sweet!

(Now on to reading about how long of a random VPN key I really need to avoid any surprises.)

1 Like

So Jump Desktop use a reverse proxy or something?

Cool. Will try it. Been looking for a way to work from home when I don’t have the laptop with me.