Looking for advice setting up a phone controlled remote streaming box

[diableri]

Hey folks,

I would like to set up a box, hooked up to my parent's TV that I can pull up remote control of on my phone (from offsite) and start/end a stream for them with no on-site input. I would like to be able to reboot and resume control of the box from my phone as well with automatic service restarts of the remote desktop services. No inputs plugged into the box or any other way to interact with it locally preferred (once it's set up). The box needs to be up and listening for my connection request.

I'm extremely comfortable in windows, moderately so with MacOS and haven't touched a linux distro in at least a decade. I was hoping I could do most of this with a chrome box but not so much I've found. Of the three choices, is a linux box with just a desktop environment, browser and remote software set up my most secure bet? What kind of hardware should I be looking for to handle streaming and the remote software only?


The real problem I'm trying to solve is that my nephews are playing high level high school and (next year) college football and my parents are not in good enough health to make it to most games. We have web based subscriptions to services that stream their games but my parents are impossibly confused and frustrated by tech and I cannot make it to the games and have everything ready for them to press play on the streams every time. I'd like to use my phone to use an app or web service to fire up a streaming box connected to their TV and start that game stream for them to watch. They can handle switching inputs on the TV remote but anything on an ipad or computer and it just all goes to hell.

I've googled it a lot and even ordered and tried an ASUS chrome box which worked great save for the fact that it would not work as the controlled device but worked great as the controlling device. The only thing I'm concerned about it leaving a windows machine on 24/7 listening for a remote request from my phone. Seems like I'm asking for trouble there.

Any help or advice is appreciated. Hope you're all surviving the holidays so far. Thanks for reading.

 

[SamirD]

First of all, kudos and hugs to you for doing something for your parents for them to still participate in life in their current health. I've lost both my parents and did a lot of the same and it's almost never an easy job.

Second of all, a standard windows pc constrolled via vnc would be perfect for this scenario--you could log in, turn on the streaming, and log out and they would be able to continue to watch since it's not like rdp where they would have to log in once you log out. And to secure this, simply replace their router with one that can terminate a vpn session. Then you can log into the router to create a secure tunnel and vnc to the machine. And since vpn clients are fairly easy to come by, you should be able to have one of these handy whenever and wherever you might need to do this.

And the same solution can apply to mac or linux too since you're just going to remote control a computer that has their television as a monitor (or 2nd monitor).

Hope this helps!

 

[diableri]

Thanks so much Samir, it looks like this is going to work out great. Ordered a little refurb corporate box and I'll get the software set up and tested this weekend!

 

[SamirD]

Thanks so much Samir, it looks like this is going to work out great. Ordered a little refurb corporate box and I'll get the software set up and tested this weekend!

Awesome! Be sure to secure the network side with a vpn capable router if you don't have one in place already. You'll also find this is handy for when they need to print something, etc and you can just log in and be able to see their network like you were sitting on it. I use this all the time (I have IPsec VPN tunnels nailed up).

 

[Vengance_01]

Maybe just use Google's remote PC software. This is what I use with my parents to help them remotely

 

[Kardonxt]

VNC \ VPN may be a little overkill if you're not comfortable with networking. You could try something like anydesk or TeamViewer which are free for personal use. I'm not sure if they have mobile clients but I assume they, our a similar product, do.

Then you don't need to worry about a VPN or leaving exposed RDP \ VPN ports open to the world.

 

[SamirD]

VNC \ VPN may be a little overkill if you're not comfortable with networking. You could try something like anydesk or TeamViewer which are free for personal use. I'm not sure if they have mobile clients but I assume they, our a similar product, do.

Then you don't need to worry about a VPN or leaving exposed RDP \ VPN ports open to the world.

Setting up a vpn tunnel today is a lot easier than it once was--tons of guides, etc. Personally, I would rather stick with things 'in house' vs anything with an external dependency as those solutions are changing so fast that you can't rely on them for long. (Remember gotomypc and pcanywhere?)

VPN ports are never really an issue as it is very, very difficult to brute force a vpn with the right passcode. And because there's so many other parameters to configure, getting all of those right is sometimes hard when you're even just setting up a tunnel moreless trying to hack one.

But exposed RDP ports are a real danger (and I would think the same thing about VNC), hence why tunneling in and then using these over the tunnel is best. Plus, having access to the entire network opens up other assistance possibilities since a lot of devices now have ethernet based controls.

 

[diableri]

Setting up a vpn tunnel today is a lot easier than it once was--tons of guides, etc. Personally, I would rather stick with things 'in house' vs anything with an external dependency as those solutions are changing so fast that you can't rely on them for long. (Remember gotomypc and pcanywhere?)

VPN ports are never really an issue as it is very, very difficult to brute force a vpn with the right passcode. And because there's so many other parameters to configure, getting all of those right is sometimes hard when you're even just setting up a tunnel moreless trying to hack one.

But exposed RDP ports are a real danger (and I would think the same thing about VNC), hence why tunneling in and then using these over the tunnel is best. Plus, having access to the entire network opens up other assistance possibilities since a lot of devices now have ethernet based controls.

This is where I kind of landed in the decision process. My parents are a real danger to security honestly. They answer the phone and engage with people they should not be talking to and their home pc and mobile devices are constantly hit with problems of their own making from clicking on (apparently) every possible link and email.

This set up is most likely a good longer term solution to letting them use some more interesting internet services when I can't physically come over to help them in person. My overall goal is to let them have the large tv display that they can actually read while I talk with them on the phone as well and walk them through some things. They are not patient enough to explore how to do things on their PC and have me come by after work and supporting them over the phone with their constantly compromised devices is frustrating for all of us.

Thank you guys again for the help and suggestions. Just waiting for all the hardware to show up now.

 

[SamirD]

This is where I kind of landed in the decision process. My parents are a real danger to security honestly. They answer the phone and engage with people they should not be talking to and their home pc and mobile devices are constantly hit with problems of their own making from clicking on (apparently) every possible link and email.

This set up is most likely a good longer term solution to letting them use some more interesting internet services when I can't physically come over to help them in person. My overall goal is to let them have the large tv display that they can actually read while I talk with them on the phone as well and walk them through some things. They are not patient enough to explore how to do things on their PC and have me come by after work and supporting them over the phone with their constantly compromised devices is frustrating for all of us.

Thank you guys again for the help and suggestions. Just waiting for all the hardware to show up now.

Ahhh...I know your pains! When I first got involved with my parents, they had a pile of systems that 'stopped working' after some malware had gunked up the works. I had to put in disputes on all their credit cards for a long line of small charges for subscriptions, etc that were for nothing aka scammers. Got that money back and closed the cards. The solution for their computing was to move them to some xp embedded thin clients that had a nice hardened os that a reboot would fix and all software just portable type on a flash drive. From that I graduated them to custom built from spare parts xp systems that had xp steadystate so again bulletproof os with all software portable and on another partition on the hard drive. I stripped down the start menus and locked them down hard and yet still they could mess up the browser so I even made a batch that would copy the entire browser from a known 'good' version each time they tried to use browser for the first time. I upgraded their pointing devices to logitech track man finger trackballs so they could move and then click which was easier for their hands, and made some custom model m and unicomp keyboards with large print keycaps from unicomp which helped them type. Sadly the systems outlived my parents, but they were able to compute with enjoyment in their last few years. My dad even had dual 1080p monitors.

And since these were connected via an ipsec vpn tunnel, if there was a real problem, I could just rdp into the system and see what was up. At one point the power supply went bad in my dad's system and I had to swap that, but otherwise the last few years were set and forget.

 

[diableri]

Ahhh...I know your pains! When I first got involved with my parents, they had a pile of systems that 'stopped working' after some malware had gunked up the works. I had to put in disputes on all their credit cards for a long line of small charges for subscriptions, etc that were for nothing aka scammers. Got that money back and closed the cards. The solution for their computing was to move them to some xp embedded thin clients that had a nice hardened os that a reboot would fix and all software just portable type on a flash drive. From that I graduated them to custom built from spare parts xp systems that had xp steadystate so again bulletproof os with all software portable and on another partition on the hard drive. I stripped down the start menus and locked them down hard and yet still they could mess up the browser so I even made a batch that would copy the entire browser from a known 'good' version each time they tried to use browser for the first time. I upgraded their pointing devices to logitech track man finger trackballs so they could move and then click which was easier for their hands, and made some custom model m and unicomp keyboards with large print keycaps from unicomp which helped them type. Sadly the systems outlived my parents, but they were able to compute with enjoyment in their last few years. My dad even had dual 1080p monitors.

And since these were connected via an ipsec vpn tunnel, if there was a real problem, I could just rdp into the system and see what was up. At one point the power supply went bad in my dad's system and I had to swap that, but otherwise the last few years were set and forget.

That's so great that you were able to keep them involved with the tech.

My folks have really just in the last few years "discovered" the internet at large and all that means so I feel like this is just me taking the first steps for them. We've isolated their online banking due to the exact problems you described to a single ipad and they've agreed to just use it for that and another iPad for "browsing". That's worked out better than I had hoped with separate apple and google accounts but that's about as much self discipline as I've been able to instill in them so far; but progress is progress.

My plan is to be able to set this box up for them so they can see their grandkids play sports and host all the family photos and slideshows etc of games and vacations that their health is beginning to prevent them from attending. After that, somehow hardening the security for a tablet device and getting rid of that pesky landline. Thanks again for your help!