Wondering if Shadow might indulge me with a little information on how it handles transport security.
Based on previous threads, which are relatively limited, it seems Shadow uses UDP to stream from the Shadow instance back to the client unless you choose TCP. My experience with the TCP options was not as good as a typical VDI or RDP session, the basic desktop would artifact, lag, and ghost.
The typical discussion point to choosing UDP centers around reducing latency and higher gaming performance.
Unless wrapped in a TLS or IPSEC tunnel, UDP isn’t typically encrypted. Now it’s valid to consider that what is streaming down from the Shadow instance to the client, it’s normally screen data and sound. Risk here is relatively small for gaming assuming proper password masking for applications on the instance. But how does the client handle data being sent to the instance? Primarily keystroke and peripheral (camera and sound/voice)?
Unencrypted keyboard and peripheral (camera, sound/voice) is a much higher risk. I choose to make up a random new Microsoft Account to activate my Shadow, then created a local account to login. This reduces the risk, but then there’s the game userid and password.
Much of this is speculation and professional experience. So this brings me to my original question, how does Shadow manage transport security?
Best answer by DarasinView original