RealVNC: more open remote access protocols will increase security

RealVNC, the pioneer of VNC, has opened up its technology for hackers and developers to scrutinise — but what is VNC?


VNC remote access and control software enables users to remotely access and control devices from anywhere — VNC technology facilitates remote access from one device to another over a local area network, VPN or the Internet.

The company has now published some info on its RFB 5 protocol.

What is RFB 5?

This is the technology behind VNC i.e. it’s the stuff that enables remote access.

I prefer their first album.

Yes but RFB 5 is new… and it’s a closed, secret, previously unpublished protocol (unlike earlier RFB 3.x versions).

Hmm, still doesn’t sound very secure.

Security in remote access solutions will always be a concern for some it’s true.

“There have recently been issues caused by errors such as people not passwording their VNC connections (something that is impossible with RealVNC’s own products). As a result, RealVNC wants to make sure its tech is as secure as possible, so are opening their trademark product up for scrutiny,” said the company, in a press statement.

The firm’s own blog on the news reads as follows:

By the time we released the first commercial version of VNC the internet had become a much less trustworthy place, and its users far more cautious. The RFB protocol evolved accordingly, and RFB 4.x brought secure connections, improved authentication and various other security measures designed for making direct connections across an increasingly hostile Internet.

More recently, the rise of cloud computing has introduced its own security challenges, and RFB has evolved again. The new RFB 5 protocol has been designed alongside VNC Cloud to be our most secure version yet. It builds in features such as Perfect Forward Secrecy, and makes it easier to check you’re connected to the right person. It’s used for every connection made using the VNC SDK, and will be making its way into our other products soon.