Re: [slim] Windows sleep while LMS is running -- let's save some electricity!
Reviewing the latest comments, I think I'm starting to get it. Yes there is constant chatter between LMS and players, even when there is no music playing. So much in fact that I created a separate network for my squeezebox devices to shield my other machines from the noise. Thus if you have player software running on your windows machine it will receive constant triggers, if I remember correctly some 16 times per second, and this will prevent the machine from entering sleep. gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=116124 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Windows sleep while LMS is running -- let's save some electricity!
I fear I'm failing to see the point. LMS is a service that needs to be listening in order for a client to be able to connect to it. If the system goes to sleep the service won't be able to respond and consequently will also not cause the system to return to normal operation. Of course, should you have specific time frames when LMS is accessed you could use a combination of a scheduled system shutdown and a timer switch. Seems a lot of trouble though considering that you can run a Pi for like a full week before reaching 1 kWh usage. You'll save a lot more watching 1 hour less TV every day. ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=116124 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Network Topology...
A static lease still must be assigned for the router to register the associated machine in its DNS and routing table. You should enforce renewal of the IP on the LMS machine, or simply wait for the lease to expire. gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115872 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] How to change the keyboard layout ?
Ah... I missed that. Don't have a Pi, so I can't really test any of the following. Quick glimpse seems to indicate that in PcP optional packages have been moved from root to /usr/local, so you probably need to prefix the path to Keyboard.lua with that (i.e. /usr/local/usr/share/jive/jive/ui/Keyboard.lua ). If it's not there try the `find` command. Another thing, as PcP loads its RAM filesystem from compressed files on the SD card the change you make (if possible) will not persist between boots. ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115763 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] How to change the keyboard layout ?
Strange. Line 3 should be a comment line in the created file. Somehow on
your system it doesn't appear to generate the correct result. The
intended content of /root/slim-set-kbmap.sh is:
Code:
#!/bin/sh
#
# script to override the language based automatic keyboard layout selection
in SqueezePlay
# - takes an alpha-2 ISO country code as input
# - if the input is invalid, empty or unsupported, then the script will
restore default behaviour.
#
# (c) 2022 gordonb3
inputlang="$1.."
if [[ "${inputlang:0:2}" == "$1" ]]; then
ISOlang=$(grep -i -m1 -o "'qwerty_$1'" /usr/share/jive/jive/ui/Keyboard.lua |
grep -i -o $1)
newkbdlang="'${ISOlang}'"
else
newkbdlang="locale"
fi
if $(grep -q "kbType .. '_' .. ${newkbdlang}"
/usr/share/jive/jive/ui/Keyboard.lua); then
echo "keyboard layout is already set to ${newkbdlang/locale/default}"
else
echo "setting keyboard layout to ${newkbdlang/locale/default}"
sed -e "s/\(local localizedKeyboard\).*$/\1 = kbType .. '_' ..
${newkbdlang}/" \
-i /usr/share/jive/jive/ui/Keyboard.lua
echo -e "\nNote: you must restart SqueezePlay for the change to take effect"
fi
If you can find your way in the editor (vi) create the file manually
instead.
gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050
View this thread: http://forums.slimdevices.com/showthread.php?t=115763
___
discuss mailing list
discuss@lists.slimdevices.com
http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] How to change the keyboard layout ?
Try this: Open a (ssh) console and execute the following code block Code: ## * Create script to override language based automatic keyboard layout selection cat > /root/slim-set-kbmap.sh
Re: [slim] How to change the keyboard layout ?
mherger wrote: > > > In theory it should be possible to select both of them independent > from[/color] > > What theory? This is not physics, but some logic decision which was > taken many years ago. Lost in translation. What I meant is that there is no technical limitation to have a different language setting on input devices or special formatting (decimal sign, datetime, etc) from the chosen display language. The limitation stems from what the programmer chose to expose to the user, which in this case means that it cannot be done from the (G)UI. Since however you pointed out that the selection is done in the LUA part of the code a user may still manipulate this behaviour through CLI. It needs to be noted here however that this is a `permanent` change and thus will need to be undone if user choses to select a different display language in the UI. gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115763 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] How to change the keyboard layout ?
mherger wrote: > > Picoreplayer > > I guess that means JiveLite? I believe the keyboard is tied to the UI's > > language. You can't have French menus but an English keyboard. Heheh... I think you should recognize QWERTZ from your own keyboard? It's German layout. In theory it should be possible to select both of them independent from one another but of course whatever frontend you are using must support that as well and then the next question becomes how it achieves that - does it translate the input from Clang or actually change the system locale? In the latter case it should be possible to hack into it and override the `xkbmap` through the logitech user profile. gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115763 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] https connection to LMS ?
Roland0 wrote: > ownership isn't required, you can also use e.g. a duckdns subdomain > the subdomain / host name doesn't have to exist, and you can get > wildcard certificates (so one can use e.g. *.internal.domain.com with a > single SSL cert) > Letsencrypt only offers wildcard certificates using DNS-01 challenge, meaning that you must be able to control the DNS server to add/remove a TXT entry. > > The challenge takes a couple of seconds, so the webserver only has to be > online for that. could be done with e.g. some dyndns, or just point the > domain at the public ip for that time if you have one (or use a VPS, > which one can get for ~2 EUR/month) > Yes, but that requires more programming skills and the point here is that people appear to expect that this could work out-of-the-box. It doesn't. Also don't forget that Letsencrypt certificates are only valid for 90 days and thus you must repeat these actions regularly. > > A internal DNS proxy / server can map queries for the domain used in the > certificate to the correct LAN IPs (*.internal.domain.com -> 192...). No > public IP, and nothing is exposed to the outside. > You can also simply edit the hosts file (%windir%\system32\drivers\etc\hosts on Windows), either way I'm sure that by now we have lost the topic starter completely. > I thought about that (using 'mkcert' > (https://github.com/FiloSottile/mkcert)), but decided against it for a > number of reasons (mainly the one you mentioned, but also since it > generally seemed to be huge hassle ) (...) :confused: gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=11 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] https connection to LMS ?
Roland0 wrote: > Looks interesting, however seems to be mainly geared to exposing LAN > services to the Internet. Would need integrated DNS proxy / DHCP server > for the full package. > Might be an option for those brave enough to expose LMS to the outside > (as it seems to offer some sort of authentication mechanism) > > > The encryption part isn't that important to me (if there's someone > capable of reading traffic in my LAN, I have a much bigger problem than > someone playing music at my home), and even less so for audio data. > It's really more convenience / aesthetics (nice urls like > lms.domain.com, no browser warnings, able to use SSL everywhere etc.) To use Letsencrypt you must own a public domain and whatever name you want a certificate for must be registered to that domain and reference a plain HTTP server to complete the challenge. Depending on what firewall you run in your main router you could also use your public IP to access the HTTPS proxy, but that will obviously also mean that this will be exposed to the entire internet (again depending on your firewall and its configuration). An alternative option is to create your own Certificate Authority (CA) and use that to sign certificates for e.g. lms.domain.local. This will however require you to import the public key of that `SnakeOil` CA on each device that you use to access LMS and may be something of an issue on some of them (I'm still trying to figure out how to import an X509 on an Android phone). ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=11 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] https connection to LMS ?
RobbH wrote: > That's probably a very helpful explanation for the original poster and > anyone who finds this thread in the future. But you seem to have > interpreted my comment as critical of Logitech, and I would like to > state that that was not my intention. I don't care about the Logitech brand, `where technology goes to die`. OP posted a non-issue because browsers may prefer HTTPS but it is still the same protocol and so there is no question of them becoming unable to do HTTP. If Chrome should enforce HTTPS you need to get a different browser, because it will prevent you to access your NAS, your managed switch, any IoT device you might have in your house. You cannot equip a device with HTTPS, it is the owner that needs to enable and maintain it, and no person that doesn't suffer from paranoia will ever do this for home appliances that are not exposed to the internet. ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=11 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] https connection to LMS ?
RobbH wrote: > I'm trying to imagine a scenario in which Logitech did not buy Slim > Devices, fifteen years ago, and the hardware is still supported now. It > seems to me that it would be very unlikely that we would enjoy the level > of support we have now, in any case. Stop it. The level of support is just fine and probably even better than any commercial party will offer. There is just no new development in hardware, but even if there was it would still not include HTTPS support for the simple reason that it is impossible for any manufacturer to know what domain you run on your internal network, if any. What you are failing to identify here is that the primary objective of HTTPS is not so much about encryption but about peer identification. A certificate thus always contains a name and if the name does not match then your browser will reject the site completely rather than simply cause you annoyance for needing to remove a `s` in the address field. Tip: create a bookmark - then you will never have to correct the URI again. gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=11 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] https connection to LMS ?
I think you should have searched better, because this seems like a duplicate entry to me. AFAIK the players don't communicate with LMS over HTTP. This interface is really only to allow you to control what is being played. The main point about using plain HTTP here instead of secure HTTPS is that it doesn't require a (commercial) certificate and because of this *every* home appliance that offers some web based interface will use plain HTTP. The thing here is that HTTPS is difficult and requires maintenance that a regular home user shouldn't and doesn't want to be bothered with. As such it would amaze me very much if Chrome would enforce HTTPS and by doing so make communication with such home appliances impossible. If you are willing to do the effort of maintaining the validity of the HTTPS certificate it is not that big a deal though. Simply place LMS behind a HTTP(S) proxy (e.g. lighttp, nginx, apache), but do note that these web server applications may (by default) prohibit some of the URI strings used by the LMS frontend. For instance if you use Apache frontend then some of the images will not be displayed unless you specify the override `AllowEncodedSlashes NoDecode` in the server config. ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=11 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Security risks of old Squeezeboxes(?)
Regarding VLANs, just think of it as a postal system: 1: you write a letter to someone in Moskow - this is your data 2: you put the letter in an envelope - this is your Ethernet package 3: you send the letter which is then transported to the sorting center - this is the wire between your computer and the switch 4: in the sorting center the letter is put in a bag that is labeled Moscow - this your VLAN tag 5: the bag is transported to the airport, together with bags to other destinations - this is the wire to the next switch 6: on the airport the bags are placed on the correct planes - you shouldn't need that many switches, but this for story consistence 7: in Moscow the bag is opened - this is the removal of the VLAN tag 8: the letter is transported to the final destination - this is the wire between the switch and the receiver 9: the receiver opens the envelope, reads the letter and writes a letter back. As for masquerading, this is a special case of NAT where the router replaces the origin of the package with its own address (SNAT - Source Network Address Translation). Yes if you cascade consumer type routers this will cause this NAT process to occur just as many times as you have routers stacked, but because every next router cannot see that the package has previously been masqueraded already this will not cause any issue. The main issue that you can have with NAT is usually related to destination rewriting (DNAT) where the target machine is configured to use a different router to send the reply (which in this type of NAT is the original sender IP). This is something like you asking Bob who is not wearing his hearing aid what time it is and Adam shouting from the other room that it is 10PM which is probably not related because it is broad daylight and annoyingly Bob is not responding so you still don't know what time it is. ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115017 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Security risks of old Squeezeboxes(?)
So to answer the main question whether you need VLANs: No. The same can be accomplished by simply adding more hardware. For instance to separate your internal network from SB devices you can simply place a masquerading router in between. The same for less trusted IoT devices, just branch it off by adding secondary routers directly behind the ISP router. That's not a bad idea either way because many ISPs install back doors in their supplied routers, officially to be able to perform maintenance but who knows what else they do? gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115017 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Security risks of old Squeezeboxes(?)
I wonder if this deserves it's own topic? At least it seems appropriate to explain some of the definitions as this appears to confuse a lot of people. NETWORK TOPOLOGY (HARDWARE WIRING) In essence there are three different ways to connect your machine to a network: bus, ring and star. On a bus all devices branch of from a single wire, like a battery powered string of Christmas lights. Ring is similar however each node has two connectors that in turn each connect to just one neighbour. Both these methods are no longer used for ethernet¹. Present day networks all use a star shaped topology, but like a snowflake it may contain branches that form a new star. Nelson's drawing is a nice example of that. ¹) Fun fact: Ethernet is named such because its very first implementation was in fact wireless. It was developed by the University of Hawaii to allow computer communication between the islands. The original protocol was unmanaged and was nicknamed `Aloha` as each node would simply start sending information regardless of whether another node already occupied the line, garbling the signal. STAR NETWORK COMPONENTS - The heart of a star network is either a hub or switch. The difference between the two is that a hub simply repeats all data from one incoming line to all other lines whereas a switch will only forward the data to the line to which the target machine is connected. An exception to this are so-called broadcast and multicast messages which will be repeated to all lines. - A managed switch is a special type of switch where you can configure individual ports to allow or disallow specific data streams or assign higher priority. - A router is yet another type of switch that allows going from one IP address range to another. This may be static pass through, but in many cases it involves what is known as masquerading where the router rewrites the package so that the receiver cannot see the original sender but only the router. - An access point (AP) is a hub that uses wifi radio instead of wiring. Consumer devices usually combine this with a router function. DEFINITIONS - An SSID is the public name of a wifi network. A single AP may publish multiple SSIDs, each which it's own policies (password, encryption method, etc) attached to it. - VLAN is a method to allow sending multiple networks over a single wire. A poor man's solution to this is to simply use multiple IP address ranges, but in that case multicast messages sent by one network will also be seen by the other network(s). VLAN tagging allows network components that are able to process it to be isolated from other traffic (having either a different VLAN tag or no tag at all). Machines that cannot process VLAN tags will always drop tagged packets. ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115017 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Security risks of old Squeezeboxes(?)
I bet it has to possible to allow specified traffic to pass from guest to main wifi on openwrt. The main challenge here really is that you can't have any routing between the SBs as this will block the broadcasts (which is of course the objective), so this won't work with a fully wireless `poor mans mesh` setup. ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115017 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Security risks of old Squeezeboxes(?)
Jaca wrote: > Thank you for going into trouble of this comprehensive answer.. > > I will try get my head around it when I find a minute.. I mean quite few > hours to scratch my head.. > > I think my main problem was fact that due to rural location my lan is > actually already vlan of next-door meraki router managed by isp (it was > only way to get fibre speed connection) So not sure if I can create > another vlan within vlan( like nested vlan) without admin access to main > router.. I do have switch with vlan capability and few openwrt routers > acting as dumb AP mesh wifi so few possible options are there. However I > remember worrying about double NAT as dhcp is running on managed router > next door. Not sure if that's relevant to vlans or not.. > > I can request some vlan config changes from isp, but I would need to be > actually sure I know what I'm doing [emoji23].. That won't matter. The VLAN info will only be on the outside connection, otherwise nothing in your house would be able to talk to each other. You can simply create new VLANs and you could even re-use VLAN IDs from the main router as long as you make sure that no tagged data is sent on your outside line. If your SBs are all wired you could set this up with your current hardware (don't know what you run LMS on?) Not exactly an expert on openwrt, but from what I've seen it is basically Linux and it does offer guest wifi so probably all that you require for segmenting your network is already inside those boxes. Somebody may in fact have already done something similar and posted it on their 'user forum' (https://forum.openwrt.org/) gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115017 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Security risks of old Squeezeboxes(?)
Jaca wrote: > Thanks, so your set up is actually not affecting phone operation..that's > sound great. Could I ask what device is you lms hosted on so it has 2 > lan connections.. I was trying to set smth similar but got nowhere, > thanks I have a somewhat older device, an Excito B3 (armv5, 1GHz, 2*Gb NIC + Wifi). I don't actually use the second NIC adapter internally though because this also serves as my internet router. What I did was enable VLAN tagging on the internal NIC and create multiple SSIDs on the wifi and then I bridged some of these virtual objects. Confused? WIFI: The idea is the same as a guest wifi. Assuming you run Linux and your machine has a wifi adapter, you need to install `hostapd`. The default config should get you going to create a wifi AP. The next step is to identify your adapter name and note it's MAC address but change the first two digit number to become `02` (e.g. if you have `09:ab:cd:ef:12:34` write down `02:ab:cd:ef:12:34`). In your hostapd.conf add/edit the following directives: Code: interface= bssid= I use a udev rule to override the so-called predictable names to follow the old standard where the wifi adapter is wlan0. To create additional SSIDs extend the hostapd.conf with directives like the following: Code: bss=wlan0_0 ssid=squeezeplay bss=wlan0_1 ssid=guest bss=wlan0_2 ssid= privileged wpa_key_mgmt=WPA-PSK wpa_pairwise=CCMP wpa=3 wpa_passphrase=ExtremelySecretPassword Note that the original wlan0 is your primary SSID, so if you add all of the above you will have 4 wifi networks in total. Of course all of these need their own static IP address and you require a DHCP server to distribute IP addresses to connecting machines. Despite its name, `dnsmasq` works excellent for this. VLAN TAGGING In a nutshell this means that you wrap your network traffic in an additional envelope. Both peers must support it, meaning that you require a switch that is able to understand this protocol (802.11q). Since however the switch can either add or strip the additional VLAN tag you do not need to make changes to other devices as well, but you will have to mark which physical port on the switch is linked to what VLAN. ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115017 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Security risks of old Squeezeboxes(?)
Jaca wrote: > Just wondering how you control your squeezeboxes? I cannot image life > without material apk on my phone or tablet. Those talk to LMS and that server has a secondary address on my regular LAN which also provides a route to the outside world so I can listen to radio. ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115017 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Security risks of old Squeezeboxes(?)
philippe_44 wrote: > All my untrusted devices run on a separated WiFi network that has its > own public IP (my ISP allows me to have two) because I agree with you, > all these gadgets are, intentionally or not, security disasters. Re SB, > one other thing is that you're stuck to older WPA and your WiFi is > subject to KRACK or similar attacks vectors. One option is to run your > SB system in the same "dirty pool" as your other gadgets. Yeah, I actually run my SBs on an `open` wifi with the LMS machine acting as the AP (hostapd). I have a MAC address restriction on it though and the address pool is completely filled. There is also a restrictive firewall that runs both ways, only allowing ports 80,3483,9000,9090 TCP and 67,68,53,3483,17784 UDP, so anyone managing to gain access to this wifi SSID despite the installed barriers will quickly get bored to hell and leave. gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115017 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Security risks of old Squeezeboxes(?)
philchillbill wrote: > But dont forget that the Chinese baby monitor or IP cam you bought and > connected up on your LAN is constantly phoning home to pick up potential > malware. The attacker doesnt have to target your home specifically. > Targeting the manufacturers website is a single point of attention for > a hacker. If successful, the millions of IOT devices phoning home will > pick up the malware with no need for a targeted attack on anybody > specific. The Chinese use off the shelf IOT stacks they dont > necessarily understand too well and many of those are riddled with > vulnerabilities. That's all hypothetical. I mean, how many SBs are really still out there? Would there really be someone thinking it might be worth while to reprogram e.g. a Tuya device to find and manipulate SBs through their exposed ports? ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115017 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Security risks of old Squeezeboxes(?)
As some already responded, your SBs sit in a private network. The point about this is not so much the firewall that sits between you and the dangerous internet, but that no public router knows how to direct traffic from any random machine on the internet towards any address on your private LAN. No this does not mean that you are completely safe, but what it does mean is that a hacker will have to do James Bond stuff to find out your network details and I would dare question whether you are worth so much trouble - not meant in any offensive way of course. The methods that hackers use to get access to devices owned by random people are roughly the following: - you opening a web page that contains malware - you opening an email that contains executable code inline (usually a screen saver file) - you opening an email attachment that includes a malicious macro to be executed by the associated application If you are something of a hobbyist the following methods may apply as well: - you opening port 25 on your firewall to expose an email server - you opening web ports on your firewall to expose a web server with some kind of preprocessor capability (PHP, Java, Perl) allowing random code injection - you opening the SSH port on your firewall None of this would ever apply to your SBs. For those to load something malicious someone would first have to hack your entire network topology to redirect traffic from your SB away from its intended target, towards a machine that is controlled by the hacker. Again way too much trouble for what this type of hacker wants to accomplish, which is really nothing else than sending spam, finding other vulnerable machines and occasionally organizing so-called Denial of Service attacks. All of this said I still run my SB devices in a separate VLAN as I found they are extremely loud, sending broadcasts even at a higher rate than Apple devices do and I don't really need my workstation to be constantly distracted from the processes I want it to run by investigating whether it should act on those broadcasts. gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=115017 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Multi-room stuttering
Unsure if it is related, but the only time I experienced stuttering was when LMS was set to transcode the music files on the fly. Of course I run this from a single core machine, but it doesn't hurt going into settings (Advanced -> File Types) and selecting native playback for all file types that support it. ---- gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=114977 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Reinstalling LMS: How to keep preferences?
I think the UUID remark applies when you move the installation to a different machine as the client likely links this to a specific network location (IP/MAC) which would then be incorrect. i.e. no similar instruction exists for upgrading your version of LMS, which is effectively a re-install as well. Note that the preferences folder might be (or rather: should be) in a different location than the application. Also a proper install/uninstall routine will not remove any files that were changed from original. I'm assuming this to be true for the Windows installer and so a re-install will come back with all your plugins still in place unless you manually clean those up. Assuming your current installation still functions you can find these locations in the `information` tab of `http://:9000/settings` gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=114786 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Logitech is done making Harmony remotes
Pretty fond of the Hub I got running for controlling TV, set-top box and Dune media player. I am somewhat annoyed though about the fact that it requires internet access to allow LAN access through the phone app and home automation services. Never really understood why LMS requires me to connect to a Logitech account as well and here is all the political fuzz about Huawei and Xiaomi allegedly spying on whatever users of their hardware do. So did anyone ever research what it sends and expects in return? Knowing that would allow setting up a fake web server and not needing to worry that it may be taken down at some point (like Zappiti did with their Dune indexing app). gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=114352 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
Re: [slim] Static IP addresses for Squeezebox devices
I don't think it will make much difference because the Slim network protocol includes a discovery and advertising mechanism that allows Squeezebox components to recognize each other in milliseconds. Depending on your network topology you are however likely to benefit from assigning a static IP address to LMS as this machine will also be accessed through other networking protocols (HTTP, telnet). One benefit that I see myself is that when you tell the DHCP server to assign static IP addresses based on MAC you can usually also assign it a static name by which you will always be able to find it, even after a factory reset. gordonb3's Profile: http://forums.slimdevices.com/member.php?userid=71050 View this thread: http://forums.slimdevices.com/showthread.php?t=114051 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss
