I have no clue why you should set a password on LMS. I even showed my 8-year old how she could use an old phone (without SIM) as a graphical remote for her Boom. The HTTP interface also only executes specifically coded content, so there is no possible exploit in the form of arbitrary code injection - which in fact will work on https sites as well. Lastly the only people able to sniff out traffic between you and the LMS server has to be on the same LAN where you are most likely running the most unsafe protocol in existence, namely SMB otherwise known as Windows file sharing. Exception of course if ports were opened to allow control over the internet but why on earth would anyone want to control music in some room while being literally miles away from it?
That said, I actually access my LMS through an Apache proxy which eliminates the `:9000` in the URI. If one really, really insists on HTTPS then adding it at this level is even less than a piece of cake. ------------------------------------------------------------------------ gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115292 _______________________________________________ Squeezecenter mailing list [email protected] http://lists.slimdevices.com/mailman/listinfo/squeezecenter
