Windows "Quick Assist" - Secure Enough?

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.
  • Larger Font Styles
    Guest:

    Just a quick heads-up that I've implemented larger font variants of our forum's light and dark page styles. You can select the style of your choice by scrolling to the footer of any page here. This might be more comfortable (it is for me) for those with high-resolution displays where the standard fonts, while permitting a lot of text to fit on the screen, might be uncomfortably small.

    (You can permanently dismiss this notification with the “X” at the upper right.)

    /Steve.

GregM

Member
Dec 6, 2020
15
2
I just discovered MS "Quick Assist" on Windows 10 the other day and tried it out.

It seemed to work smoothly - (quite well actually) - when assisting a friend.
Normally I'd have used something like TeamViewer but wanted to try this out.

I found some info on it here: https://www.steeves.net/news/windows-10-quick-assist-remote-assistance-app/

Looking at point #2 under the "Does Quick Assist Leave Your Enterprise Exposed?" header:

2. Most firewalls & NAT will be bypassed – Quick Assist connects to a central Microsoft support server using the port 443 (for both sides of the assist connections), as such this will bypass most existing firewalls and NAT.

Now I understand the article was written from an enterprises perspective; that's not what I'm looking at here.

I've never really trusted RDP, and after 'Blue Keep' feel justified in this.

This is different though is it not?

. . . being that port 443 is used for secure connections . . . after being connected with the assistance of the central Microsoft support server, is our connection (still?) secured?

If not, how is this different than say what TeamViewer, Anydesk, or any of the others that are out there are doing when we exchange ID numbers and passwords?

Thanks for your consideration.
 
  • Like
Reactions: garryweil

PHolder

Well-known member
Sep 16, 2020
639
2
315
Ontario, Canada
That article, being Enterprise focused, is noting that by using SSL for the connection, there is no way for the Enterprise monitoring tools to track/control the connection. It could be used to exfiltrate corporate data say. Assuming that MS is playing proxy in the middle, you connect to their server as does the client you are assisting, then to me, the only risk is that something malicious at MS could tamper or record your session. That seems little different from other providers in this space, you end up having to trust someone. (I guess they could be doing end to end encryption...? I don't know enough about their protocols.)
 

garryweil

Member
Sep 25, 2020
5
1
Being in an enterprise network I would suspect that they already have their cert in you cert store and can thus see your content regardless. Correct?
 

PHolder

Well-known member
Sep 16, 2020
639
2
315
Ontario, Canada
I didn't write the article so I don't know their motivation for being against the Microsoft solution. Some enterprise networks don't bug every PC, they just block most services. It would seem unlikely they would block Microsoft though...
 

GregM

Member
Dec 6, 2020
15
2
It seems to me like it is 'end to end' encryption (noting the article is concerned that a corporation may not be privy to what is happening on their network).

I'm not sure how I'd confirm that though.

This is just me wanting an easy way to assist friends and family, and I wanted to know that I wasn't hanging it all out there for the whole internet to see per se.

Thanks for the replies everyone.