Question Team Viewer 10 remote admin and privacy

Apr 15, 2019
4
0
10
Hi everyone,

Pls excuse my english.

My wife has installed the remote administration program Team Viewer 10 on her notebook for her distant job. My wife's company trusts the tech guy who sometimes remotely accesses the notebook to fix problems or to install apps etc.

The guy is probably so busy, that I doubt that he may do something dishonest, like erasing data, stealing project files or browsing our private pics etc. And of course, we do not keep credit card numbers or such important data on the computer.

So, I'm not so paranoid, BUT still...

Plz tell me, how this program works and can the tech guy access literrally all the files on the notebook? I mean can he browse our photos and videos, can he read text documents etc.? Can he download them to his computer?

Here I am not talking about something advanced like hacking, it's simply: does the program give the tech guy an access to everything by default?

I tried to learn more about the program, but the info that I found on google is not very detailed. I wish to know how the interface looks on the tech guy's side, I wish to know what he sees on his screen and what he can do or not do.

I'm not an expert, I just turn on the program and as far as I can see it can give you a password that you can send to the tech guy and also there're options: remote administration and file sharing (or something like that). My wife turns only the 1st option on. Please note that our version of the program is not in english, so I'm translating.

Thank you very much for your explanations.
 
You are right about been paranoid since, by default, the tech guy will have the same rights as the user of the device.
The tech, while connected, could see files, delete files, copy files, transfer files, turn camera on, even use the computer when no one is around if Team viewer is running as a service.
You could change the settings on the Access Control (incoming connection) on the Team Viewer app to your liking.
 
Last edited:
  • Like
Reactions: bshv
First of all, unless Teamviewer is setup to allow unattended access, and to start with Windows, and with a known password, it is not as if it is some magic backdoor to use when anyone sees fit...

The laptop owner can choose to have teamviewer on/running only when he /she needs it, and/or change password for admin access if needed, or, if not setting it up to launch as a full time application for remote access, only give the password (which is new every time TV launches) when a tech needs to access a computer for work...

If it was set up for unintended access so a tech could access the laptop when needed, and the tech is not trusted, simply change the password, or, remove the unattended access feature. Teamviewer can be easily launched for on demand access which is more than adequate for 99% of most use cases...
 
  • Like
Reactions: bshv
Apr 15, 2019
4
0
10
Mdd1963 and ColGeek , thank you for your reply. I understand what you are saying. As you and Jojesa said, things depend on the settings. In our case they are like this:

- The program was not in english, but I found advanced settings and I change that

- The program is not set to start up automatically with Windows (this is good, I guess)

- My wife starts it when it's necesary, it's not always on

- My wife says that when the tech guys is working, she can see his actions on her screen (which I guess is good). But she cannot watch all the time

- Participant interaction: Full (I dunno whether this setting is good or bad)

- Record participant's video and VOIP is ON (dunno is this good or bad)

- Advanced > Access Control > Full Access (dunno is this good or bad, but I'm afraid it might be too much).

- Under Advanced, when you click Configure (Access Contact Details), everything is set to ALLOW (this is very bad I think): Connect and view my screen is allowed, control this computer is allowed, transfer files is allowed, control the local Team Viewer is allowed, basically everything is allowed.

- Random password after each session is set to: keep current.

- Auto record remote sessions is OFF. Is this some kind of log (text file) where all the actions are recorded? Is it like: "the tech guy clicked this, then he clicked that". If so, that would be useful, but now it's off, so we don't have a record of his past actions.

All in all I think that the program is not bad, but our settings are too allowing. And I guess that either it was set like this by default, either my wife's colleagues set it up like this. Or maybe the tech guy made some settings, too. I guess that the settings allow him to do that. This is not good and it made me worried now. My wife should have been more careful.

Fortunately, we don't have something extremely private or valuable there. And I doubt that the guy wasted his time to browse our folders, that would take time (to look for them on various partitions, they are not immediatly on the desktop etc... etc..). But still, the feeling is a bit bad, you know.

Thanks
 

Math Geek

Titan
Ambassador
i' don't see why the IT guy needs random access to her laptop. if it was a company issued one or accessed very secure data i could see the need but not for normal day to day use. for me that would be WELL out of bounds.

i'd set TV to only work when i want it to. if they have some reason the IT guy needs to access my pc, then they can contact you and a session can be started while you watch as it's done.

"Participant interaction: Full (I dunno whether this setting is good or bad) " this is a good thing cause it allows her (or you) to take control back from the IT guy anytime during the session.

but other than tech support for company software i can't see any reason they would want/need constant acess to your personal laptop and i'd not allow it personally. if they have a software update, they can email a link to it and your wife can install it herself.

*just my 2 cents anyway
 
  • Like
Reactions: bshv
Apr 15, 2019
4
0
10
Math Geek, thank you.

Unfortunately, I don't know why the program is now set the way it is.

Now the question is how to set it properly and to make it less permisible, but still functional. Also, I was thinking about the "Acess" property of the files and maybe that's useful.

The properties of a every file give you dates on which the file was created, modified and accessed. In case the remote admin was opening some files, I assume his action would be remembered under "Acess" or I'm wrong? Like: Properties: Accessed: Apr 16 2019 09:00 AM or something.

I checked some files, but they haven't been opened for a long time. I think that he didn't touch anything, but better safe than sorry, so I deleted some files now. It's a pitty that I didn't do that earlier. Work computer must be one thing, private computer - another thing.
 

Math Geek

Titan
Ambassador
i'll have to reinstall it and look around to see what the settings are.

if i recall right they default to the stricter side of things. so a simple uninstall and reinstall should undo whatever settings were changed and leave them at defaults. then look at Col Geek's link and be sure those settings are in place. should make it all good.

and your thoughts on the time stamp of file access is correct. if anyone uses a file or accesses it in any way, then the metadata time stamp is changed to reflect it. so not a bad way to check back and see if anything has been tampered with.
 
Math Geek, thank you.

Unfortunately, I don't know why the program is now set the way it is.

Now the question is how to set it properly and to make it less permisible, but still functional. Also, I was thinking about the "Acess" property of the files and maybe that's useful.
Did you installed the free version of Teamviewer or it was installed or provided by your company.
If a tech from a company is providing support then it should be under commercial use.
If that is the case you cannot change Teamviewer settings.
I use the commercial version at work and we create and apply TeamViewer policies as we see fit.
We distributed a TeamViewer installations with the settings we want and even enforce them.
Contrary to what some here believe, I could even turn on clients systems, monitor software and hardware, drive space, online status, CPU usage, etc, etc, etc.
We could even find out, before the user, when an issue arrives.
Of course we disclose all that before they decide to use the app of their
personal systems for work related tasks.