GeoComply / FanDuel NJ: Mac-to-Mac Tailscale remote screen sharing blocked immediately — Blocked Software rule ✓
Source. June 30, 2026 weekly sync.
Ticket. CIV-94: FanDuel NJ — Remote screen control blocked (GeoComply).
What we tested
The same Mac-to-Mac remote screen-sharing attack that succeeded on BetRivers PA / XPoint during the same test cycle:
- Tailscale — two Macs on the same private network over the internet.
- macOS screen sharing — out-of-state Mac drives an in-state Mac via Finder, with full remote control and no local presence required on the host.
Operator: FanDuel New Jersey, a GeoComply desktop (PLC) deployment.
What happened
- ✓ Detection fired immediately. The session was blocked under the "Blocked Software" rule before any wager could be placed.
- ✓ No bets were possible through the remote session.
Why it matters
This is a clean, same-week, same-method contrast:
| Operator | Geo provider | Tailscale Mac RDP | Result |
|---|---|---|---|
| BetRivers PA | XPoint | Mac-to-Mac via Finder | ✗ Undetected — 1-hour FaceTime + sustained Mac RDP (June 30) |
| FanDuel NJ | GeoComply (PLC) | Mac-to-Mac via Tailscale | ✓ Blocked immediately — Blocked Software rule |
The attack uses entirely off-the-shelf, legal tools. Catching it in real time on FanDuel NJ while XPoint misses the identical pattern on BetRivers PA is a concrete compliance advantage for GeoComply in operator conversations this week.
Cross-reference
- BetRivers PA (XPoint) — CIV-88 retest: FaceTime 1 hour + Tailscale Mac RDP undetected (June 30) — competitor gap on the same vector.
- GeoComply / Bally Bet NJ — Tailscale remote control blocked at login + mid-session (June 2, CIV-82) — prior GeoComply win on the same attack class.