I think products like JetKVM are targeting hobbyists and small outfits; corporations who aren't on a public cloud are using stuff like idrac, ilo, or dedicated rackmount KVM hardware.

True. Small outfits can be a pretty big category of companies that don't have a fully locked-down enterprise security environment with clout who can insist that everything like that be racked and put under their control.

Homelabbers tend to like rackmount. (I've owned multiple servers with such dedicated remote management/access hardware built in.)

JetKVM seems designed to be more a shadow IT at individual desks solution, for use at companies that don't prohibit and actively police that.

"Homelabbers" reminds me of the inimitable Rich Morin's and Vicki Brown's "Canta Forda Computer Lab". (Say it out loud!)

https://web.archive.org/web/20200312000527/http://www.cfcl.c...

>We get occasional inquiries about our name. In case you are wondering, it is a pun on "Can't afford a computer laboratory". (We have plenty of computers, to be sure, but the ideal computer laboratory will always be beyond our reach. :-)

>Inspiration for the name was drawn from Walker A. Tompkins, a family friend and prolific writer (of adventures, history, and westerns). Mr. Tompkins used the name "Canta Forda Rancho" for his home in Santa Barbara, CA.

Home lab is a subset of hobbyists. And many of them like mini PCs.

Yes, me too. A lot of my stuff is NUCs and similar. Several of those nice ultra-cheap N100s. Amazing stuff.

I have a "server" at home. It's just an old desktop. I use a PiKVM (similar to JetKVM) to manage it remotely when the kernel crashes or I fuck up the boot. It happens rarely, but it's nice I can just fix things remotely.

The PiKVM runs WireGuard so it's reasonably secure. I assume JetKVM can do the same.

Thanks, needed a good laugh.

Putting a BMC or KVM on the Internet is hilariously unwise.

No need to worry about dodgy remote desktop software — the attackers will be able to back door the firmware!

(Yes, iLO verifies firmware signatures… but yes they’ve had horrific vulnerabilities, worse than nightmares).

You don't put these devices on the public internet! You use WireGuard to control access. Think Tailscale or similar.

>targeting hobbyists and small outfits

Sounds like a great botnet!

I'm joking a bit but these are exactly the entities that have fewer capabilities to detect malicious behavior.

Assuming JetKVM is operating in full good faith, that doesn't mean they themselves aren't going to be the target. You compromise them and you compromise all their customers. That's true regardless of the company size, but is also the reason for transparency.

The target market does not alleviate any concerns. Consumer grade hardware is used to build botnets and residential proxy networks. The latter could be used to get into your employer if they happen to have credentials and want to match your home IP to avoid detection.

iDRAC often demands that the PC connecting to it be on the same network; however, an rkvm like this lets you skip the PC-in-the-middle step.

Fine for one or two machines, but if you're dealing with a rack or more, an extra machine for management tools is no big deal.

Implying idrac, ilo and similar are somehow reputable?

There’s no way to know for sure, since they are closed-source and closed-hardware implementations. But they are backed by billion-dollar companies that lawyers can squeeze if they cause some sort of legally cognizable injury.