Remoting the desktops of ordinary workstations includes enabling a user to operate a first computing device from a second computing device over the Internet. Examples include remote control software services, such as GoToMyPC produced by Citrix System Inc. Remoting desktops present various problems related to security and information disclosure. In some cases there are certain limitations, which require “screen scraping” of the workstation desktop.
In other cases, the workstation desktop must be enabled and visible so that certain technologies function correctly. For example, GoToMyPC must work with an enabled display. However, one problem with the workstation display being enabled is that anyone local to the workstation can view what the remote user is doing by simply looking at the local display screen.
There have been various attempts to provide a solution to this issue. For example, in some conventional systems, a full-screen overlay is used to hide the contents of the local workstation desktop when the desktop is being remoted. However, there are limitations with screen overlays. For example, screen overlays can only be used with one application at a time. In particular, some media player applications (e.g. DVD players), generate full-screen overlays displaying data and do not typically permit a second overlay to be displayed above the generated full-screen overlay. Thus, if a DVD player or other media player has already created an overlay then a new overlay cannot be created, leaving the local display visible. GoToMyPC, for example, warns the remote user if it is unable to blank the local monitor because the overlay creating has failed.
A full-screen overlay is also inadequate when the local workstation has a plurality display devices (e.g. monitors). An overlay can only be created on one of the plurality of monitors, leaving the rest of the monitors exposed.
In other systems, when a local user presses a combination of keys, such as, Ctl-Alt-Del to activate the local desktop, the overlay will disappear, allowing display of the remote data. In addition, although many remote control software services prevent local input when a remote user is attached to the local computing device (i.e. the local user is unable to interact with the local computing device), a local user can observe everything that the remote user is doing via the local display. Moreover, most remote control software services will not re-establish the overlay, leaving the local computing device vulnerable to anyone wishing to view the desktop.
Thus, conventional systems for disabling local workstation displays do not provide reliable functionality for blocking the display of data generated remotely. Nor do such conventional systems provide for preventing typical overlays from interfering with the execution of authorized applications on the machine.