Davesworld wrote:
> It puzzles me why people are just now worried about security over wifi,
> it never really existed without VPN
Probably because it never really made the news plus it was the "Topic de
Jour" as it is now with all the hackings of Target, Home Depot, Equifax
in the news
Its just not very convenient to not use wireless remote control. The
most important reason to use a Squeezebox for many users.
---
learn more about iPeng, the iPhone and iPad remote for the Squeezebox
and
Logitech UE Smart Radio as well as iPeng Party, the free Party-App,
at
I like how this made the news but WPA2 was cracked by other methods long
before this and one could be a block away to do them. The reasons this
one bothers me even less is because they have to be awfully close to
pull it off and the other reason is that I ALWAYS run my wireless lan on
a different
eindgebruiker wrote:
> You'd better watch out riding around with your Squeezebox Touches :p
Guess I better remove the WiFi cards before somebody takes over my
Thunderbird while I'm driving down the road! :cool:
*iPhone*
Media Room:
ModWright Platinum Signature Transporter, VTL TL-6.5
You'd better watch out riding around with your Squeezebox Touches :p
eindgebruiker's Profile: http://forums.slimdevices.com/member.php?userid=10427
View this thread: http://forums.slimdevices.com/showthread.php?t=108140
.
.
So you folks in Apartments and Stacked Living are really the only ones
that need to worry (next time you wake up in the middle of the night,
look around to see which neighbors lights are on, that is probably the
guy you need to worry about). :roll eyes: :rolleyes:
*iPhone*
Media Room:
... AND the attacker has to be both quicker and nearer to the end point
to override the signal coming from your router. Long shot at best.
-Transcoded from Matt's brain by Tapatalk-
--
Hardware: 3x Touch, 1x Radio, 2x Receivers, 1 HP Microserver NAS with
Debian+LMS 7.9.0
Music: ~1300 CDs, as
As long as KRACK cannot see Pre-Shared WPA2 password then I am not
worrying. Furthermore, both WiFi access point and client have to be
unpatched for this hack to work.
earthbased's Profile:
That doesnt mean its not vulnerable. Its just more complicated to
break than more modern Linux versions.
---
learn more about iPeng, the iPhone and iPad remote for the Squeezebox
and
Logitech UE Smart Radio as well as iPeng Party, the free Party-App,
at penguinlovesmusic.com
*New: iPeng 9,
Too old to be vulnerable.. haha
-Transcoded from Matt's brain by Tapatalk-
--
Hardware: 3x Touch, 1x Radio, 2x Receivers, 1 HP Microserver NAS with
Debian+LMS 7.9.0
Music: ~1300 CDs, as 450 GB of 16/44k FLACs. No less than 3x 24/44k
albums..
iPhone wrote:
> And how many have you broken into?
The point is that those other people can see my network too. And I was
mistaken: I can see over 75 networks.
However, I just checked my Touch, and it uses wpa_supplicant version
0.5.7, which is very old and does not contain the all-zero
Let's not overreact It's just a hard to execute proof of concept
crack of a security protocol which will likely be fixed on most things
you care about before there are exploits in the wild. Keep your knickers
untwisted.
-Transcoded from Matt's brain by Tapatalk-
--
Hardware: 3x Touch, 1x
John Stimson wrote:
> I don't know, maybe the dude with a house full of Vandersteens has a
> pretty juicy bank account?
>
> I don't think that relying on the laziness of criminals is a very good
> security philosophy.
I agree which is why my Networks are as completely secure as possible.
iPhone wrote:
> Besides, which one of us has anything worth the time to go to the
> trouble to backdoor an SB3 to access our Network?I don't know, maybe the dude
> with a house full of Vandersteens has a
pretty juicy bank account?
I don't think that relying on the laziness of criminals is a
eindgebruiker wrote:
> In my apartment I can see over 20 wifi networks around me.
And how many have you broken into? I am betting none. Most people first
don't have the skills plus in today's it "All About Me Social Media
World" they don't have the time either.
In another post I think Pippin
pippin wrote:
> Doesn't really help on a home network. You'd have to use certificate
> pinning as well because you can't identify the server and that would
> probably beyond "usable".I would think a VPN bridge would be the only
> workable way, bridging
between the wired segments of your network
drmatt wrote:
> Time for an SSL wrapper
>
Doesn't really help on a home network. You'd have to use certificate
pinning as well because you can't identify the server and that would
probably beyond "usable".
---
learn more about iPeng, the iPhone and iPad remote for the Squeezebox
and
mavit wrote:
> My understanding is that traffic can also be injected onto the network.
> An attacker could connect to Logitech Media Server and do any of the bad
> things described at
>
eindgebruiker wrote:
> Do you trust both the Squeezebox software and Squeezebox server software
> to be free of vulnerabilities?
I believe the thin client SB are pretty impervious to anything ;)
LMS and its base OS, that is another story. For maintenance reasons many
put LMS on a VM or on a
Time for an SSL wrapper
-Transcoded from Matt's brain by Tapatalk-
--
Hardware: 3x Touch, 1x Radio, 2x Receivers, 1 HP Microserver NAS with
Debian+LMS 7.9.0
Music: ~1300 CDs, as 450 GB of 16/44k FLACs. No less than 3x 24/44k
albums..
slartibartfast wrote:
> [emoji3]
> I was thinking more of blocks of flats where your WiFi is visible to
> very many "neighbours"
In my apartment I can see over 20 wifi networks around me.
eindgebruiker's Profile:
pippin wrote:
> Of course there are then additional risks if people are able to sniff
> passwords etc. and its not a desirable situation but what kind of
> sensitive information is usually going to or from your Squeezebox?
My understanding is that traffic can also be injected onto the network.
>From https://www.krackattacks.com:
> As a result, even though WPA2 is used, the adversary can now perform one
> of the most common attacks against open Wi-Fi networks: injecting
> malicious data into unencrypted HTTP connections. For example, an
> attacker can abuse this to inject ransomware or
Well, I could think up quite a number of scenarios where I dont have to
be a neighbor myself, just look at how many hacked devices there are
already out there, if you use any of those to hack other WiFi networks
you can get quite a reach.
All of that said: unless there are ADDITIONAL
drmatt wrote:
> You have nice neighbours..
>
>
> -Transcoded from Matt's brain by Tapatalk-[emoji3]
I was thinking more of blocks of flats where your WiFi is visible to
very many "neighbours"
Sent from my SM-G900F using Tapatalk
slartibartfast wrote:
> Unless they were neighbours.
>
> Sent from my SM-G900F using TapatalkYou have nice neighbours..
-Transcoded from Matt's brain by Tapatalk-
--
Hardware: 3x Touch, 1x Radio, 2x Receivers, 1 HP Microserver NAS with
Debian+LMS 7.9.0
Music: ~1300 CDs, as 450 GB of 16/44k
drmatt wrote:
> Life will go on. Like with most vulnerabilities someone would have to
> drive by and target you.
>
>
> -Transcoded from Matt's brain by Tapatalk-Unless they were neighbours.
Sent from my SM-G900F using Tapatalk
Life will go on. Like with most vulnerabilities someone would have to
drive by and target you.
-Transcoded from Matt's brain by Tapatalk-
--
Hardware: 3x Touch, 1x Radio, 2x Receivers, 1 HP Microserver NAS with
Debian+LMS 7.9.0
Music: ~1300 CDs, as 450 GB of 16/44k FLACs. No less than 3x
... for which you might not get any updates pre-iOS 9, too.
And most Android devices probably will not get an update at all
---
learn more about iPeng, the iPhone and iPad remote for the Squeezebox
and
Logitech UE Smart Radio as well as iPeng Party, the free Party-App,
at
And old squeezeboxes will have the same faith as any other dead not
longer developed product , it will not get any patches .
But I'm more concerned about the laptop iPad iPhone and router at the
moment
Main hifi: Touch + CIA
Well, right now not a single one of your devices is safe, long term
well have to see.
---
learn more about iPeng, the iPhone and iPad remote for the Squeezebox
and
Logitech UE Smart Radio as well as iPeng Party, the free Party-App,
at penguinlovesmusic.com
*New: iPeng 9, the Universal App
Only if you enable it.
-Transcoded from Matt's brain by Tapatalk-
--
Hardware: 3x Touch, 1x Radio, 2x Receivers, 1 HP Microserver NAS with
Debian+LMS 7.9.0
Music: ~1300 CDs, as 450 GB of 16/44k FLACs. No less than 3x 24/44k
albums..
pippin wrote:
> That said: SBs usually don't transmit that much sensitive data although
> they can of course be used to hack into whatever is on your network once
> they have access.That seems like a pretty serious concern. I don't really
> want some
random person operating a machine on my
Can clients be attacked through that? Isn't it just APs?
---
learn more about iPeng, the iPhone and iPad remote for the Squeezebox
and
Logitech UE Smart Radio as well as iPeng Party, the free Party-App,
at penguinlovesmusic.com
*New: iPeng 9, the Universal App for iPhone, iPad and Apple
And yet BSD got a fix out in less than a month. Apple should just pick
that up.. ;)
-Transcoded from Matt's brain by Tapatalk-
--
Hardware: 3x Touch, 1x Radio, 2x Receivers, 1 HP Microserver NAS with
Debian+LMS 7.9.0
Music: ~1300 CDs, as 450 GB of 16/44k FLACs. No less than 3x 24/44k
It will only become relevant when an official soution is agreed (the
problem is a protocol flaw not an implementation one) and router
firmware is updated. According to reports - Apple have been working on
the flaw for about a month and no update so far !
About zero. The Krack has no known exploits in the wild by the look of
it, for now. And I doubt you're that worried about the security of the
data going to your squeezeboxes..?
-Transcoded from Matt's brain by Tapatalk-
--
Hardware: 3x Touch, 1x Radio, 2x Receivers, 1 HP Microserver NAS with
37 matches
Mail list logo
