Is there any risk of irrecoverable damage by giving public access to remote desktop/terminal?


If I allow public access to a remote control program (SSH, teamviewer, remote desktop connection, etc) is there any risk of damage that can't be fixed through reinstalling the operating system? Do any seriously destructive exploits exist for either Windows or Linux that someone could execute given remote access?


Posted 2016-04-22T16:31:24.703

Reputation: 169

they could plant un-removable malware in any firmware on the computer – Neil McGuigan – 2016-04-23T22:41:33.993



There is no risk of physical hardware damage by allowing someone remote access to a computer. At most, someone could corrupt the OS so bad that you'd have to reload it. But it sounds like you're prepared for that.

The absolute worst that anybody could do is crap it up with some nasty viruses. If you're going to allow the public to use it, I would physically air-gap the computer from the rest of your network so there is no possible way for a virus to infect any other system you may have. This would involve a completely independent path to your ISP. If that's not possible, then a completely isolated DMZ would be the next best option. Do not share the network this computer will be on with any other computers you have.

Also, you should be aware that there are some particularly nasty boot sector viruses that can infect the slack space on a hard drive. Such viruses do not go away simply by reinstalling the OS. You have to boot to a Linux distro and wipe the drive to get rid of those.

Along the virus thread, there are some firmware viruses out there as well. You can block these by using the Secure Boot feature of your BIOS and booting Windows in EFI mode. You will need Windows 8/Server 2012 or greater for this though. Also, some business-class computers from Dell and HP have a setting in the BIOS to require signed firmware updates which predates Secure Boot. Those can block firmware viruses even on Win7/Server 2008 and lower which do not support Secure Boot.

Other than that, no, there are no exploits out there that could destroy the computer's hardware.

Wes Sayeed

Posted 2016-04-22T16:31:24.703

Reputation: 12 024

I'm not sure this is accurate. It's quite possible to run overclocking software with settings likely to damage physical hardware, for example. – ChrisInEdmonton – 2016-04-22T16:49:37.957

I'd say that risk is non-existent these days. I've only ever been able to physically roast a computer once in my life, and that was back in the AMD Athlon XP days when they did not throttle on overheat the way they do now. If someone knows a way to destroy modern hardware by pushing the clock too far I'd love to see it. – Wes Sayeed – 2016-04-22T17:30:17.080

This is all useful to know, but I'm not limiting this to hardware problems. I'm also concerned about network problems, which you've covered, but also firmware problems. In the 90s, there was a trojan called CIH which corrupted the BIOS on the motherboard. This required repairing from the manufacturer. – Daffy – 2016-04-22T17:40:52.573

I updated my answer to add info about that. – Wes Sayeed – 2016-04-22T17:46:11.383

Even in these cases, however, most motherboard manufacturers now have a back-door BIOS update mechanism for recovering from a bad ROM flash. – Wes Sayeed – 2016-04-22T17:52:24.727

@Daffy - If you are worried about that sort of attack, just don't allow access, unless you implicitly allow the ip address. – Ramhound – 2016-04-22T20:15:27.603

@Ramhound The reasoning behind this is that I've been considering making some sort of homemade cloud computing service. What has stopped me thus far is computer power, logistics, and security. – Daffy – 2016-04-22T20:32:14.770

1@Daffy - So do what the rest of the world does. Configure a VPN server, and only allow external access to your network, through the a VPN connection. Having a single account and service to secure it a great dealer easier then trying to do that half a dozen services. – Ramhound – 2016-04-22T20:38:43.737


Haswell and later CPUs can be damaged by Prime 95, if run for long periods of time.

Combine this with the maximum overclock that you can get, and hardware damage could occur.

From Raja@Asus link

Praz nailed it really. The newer versions of Prime load in a way that they are > only safe to run at near stock settings. The server processors actually downclock when AVX2 is detected to retain their TDP rating. On the desktop we're free to play and the thing most people don't know is how much current these routines can generate. It can be lethal for a CPU to see that level of > current for prolonged periods.

Joe Thorpe

Posted 2016-04-22T16:31:24.703

Reputation: 15