PDA

View Full Version : Hamachi, remote access, VPN, free


davidh
January 5th, 2006, 03:10 PM
http://www.hamachi.cc/

I haven't tried this yet, but here's what they say about it:

What it is
With Hamachi you can organize two or more computers with an Internet connection into their own virtual network for direct secure communication.

Hamachi is fast, secure and simple. It is also free.

What's in it for me
Think - LAN over the Internet.

Think - Zero-configuration VPN.

Think - Secure peer-to-peer.

Access computers remotely. Use Windows File Sharing. Play LAN games. Run private Web or FTP servers. Communicate directly. Stay connected.

Technology
Hamachi is a zero-configuration virtual private networking application with an open security architecture and NAT-to-NAT traversal capabilities.

Hamachi is the first application to mix seemingly unrelated networking technologies in one powerful package to deliver an unprecedented level of peer-to-peer connectivity. More ...

Security
Hamachi is secure. All Hamachi communications are encrypted and authenticated with industry-standard algorithms and protocols. Nobody will be able to see what two Hamachi peers are talking about. Not even us.

However what is equally important - Hamachi security architecture is completely open meaning that its detailed description is available for the review to anyone interested. More ...

Ease of Use
A special effort went into designing and polishing Hamachi user interface. The result is sleek, simple and intuitive, while still very much functional. Everything you need, nothing you don't.

Hamachi software contains no spyware, bannerware or any other -ware unrelated to its purpose. And it never will.

Dan in Saint Louis
January 5th, 2006, 04:42 PM
http://www.hamachi.cc/
Sounds great! A couple of us at St. Louis Community College have been wishing we could VPN our home computers from work. Sounds like a January project!

Judy G. Russell
January 5th, 2006, 11:24 PM
All of that and free too? Hmmm... where's the catch?

sidney
January 5th, 2006, 11:32 PM
where's the catch?

It isn't open source :)

-- sidney

Dan in Saint Louis
January 6th, 2006, 01:44 PM
It isn't open source :)

-- sidney
To a user who is no good at programming and unlikely to understand the source code, what is the downside of that? Should I be concerned that it is not as benign as the publishers say? Could it be full of holes they don't tell us about? Might it jeapordize my security? (Clearly all of the above are possible, but what are the odds?)

davidh
January 6th, 2006, 02:24 PM
All of that and free too? Hmmm... where's the catch? Maybe because there's "competition", namely http://www.realvnc.com/

David H.

sidney
January 6th, 2006, 05:03 PM
To a user who is no good at programming and unlikely to understand the source code, what is the downside of that?

I think that you can come to a conclusion about whether to trust the author without seeing the source. If it becomes at all popular, there will be people looking at how it runs on their machines, doing packet captures and maybe some disassembling and reverse engineering to understand what it is doing, interviews with the author, etc., which should reveal if it is really some insidious spyware.

The problem I have with cryptographic software that is not open source is how easy it is to make subtle mistakes that eliminate the security benefit. It is difficult to know if the crypto is well designed, and well implemented, and doesn't have subtle flaws without being able to carefully go over the source code. With open source, even if you don't have the expertise to go over the code you can look for reviews from people who have.

In practice, you can probably rely on things like Steve Gibson's statement that he talked with the author of Hamachi and thinks he has been doing it right, at least as long as you are not relying on it to secure million dollar bank transactions. It is likely that if a major flaw in Hamachi is found, it will affect other people and become known before some baddy with early information about it notices your VPN and tries to hack it.

If you can figure out how to set up an OpenVPN tunnel, though, that is probaby better in terms of being sure of the security.

-- sidney

Judy G. Russell
January 6th, 2006, 05:54 PM
To a non-programmer like me, that doesn't mean as much as it might to you. But I like your point that the more popular the program becomes, the more likely it is to be disassembled by folks looking for flaws.

Judy G. Russell
January 6th, 2006, 05:55 PM
How can there be "competition" without money as the scorecard?

Dan in Saint Louis
January 6th, 2006, 05:57 PM
In practice, you can probably rely on things like Steve Gibson's statement that he talked with the author of Hamachi and thinks he has been doing it right, at least as long as you are not relying on it to secure million dollar bank transactions.
Thank you much! My main concern is not crypto, as we would not be using it for anything sensitive in that fashion. We are more concerned that it might annoy TPTB at the College, and I had not planned to retire for another year or so<G>.

davidh
January 6th, 2006, 08:46 PM
How can there be "competition" without money as the scorecard? That's why I put the quotes.
Perhaps their business model is something like Zone Labs - Zone Alarm ? I.e. they might start charging for commercial use when they get a good reputation ? Or charge for support ? or build a reputation to get into this and other types of network programming and support ?

David H.

Judy G. Russell
January 6th, 2006, 09:08 PM
They've got to have a way to cash in SOMEhow!

dgermann
January 8th, 2006, 01:19 PM
Judy--

They've got to have a way to cash in SOMEhow!

Judy, you are getting a bit jaded there, yes? :eek: ;) ;)

Seriously, not everything of value is done for personal monetary gain, is it? For instance, consider tapcis.com forums (unless there is something here that I do not see)--looks like a labor of love, to me. And for that I am happy. :D

Thanks, Judy for all your good work here.

PS: I have used VNC and find that it works well.

Judy G. Russell
January 8th, 2006, 01:59 PM
a. Thanks for your kind words.

b. Even here, we all get a benefit (i.e., we're cashing in) in that we all have somebody intelligent to fight with, er... discuss things with.

dgermann
January 11th, 2006, 11:02 AM
Judy--

Yup, that's most certainly true!