Re: Is this project dead?
Posted: 31 Mar 2018, 15:07
waves wrote:...[stuff]...
gearhead wrote:...[stuff]...
I share this concern, but also willingly admit my lack of skills to judge whether the concern is real in the context of Runeaudio. I did notice in the first arstechnica post linked above that the person wrote: "He said the vulnerability was present only when users enabled remote access and disabled password protection." I would, somewhat daringly suggest that anyone who knowingly does so deserves to get hacked.
The question is, is this remote access enabled by default somehow? It would seem that the WLAN interface is active by default, but if that interface is disabled, the RuneAudio RPi would be entirely behind the router and as such protected. I find no indication that one could gain access from without then. (Also disable UPnP, I guess).
Or am I wrong?