![]() And if they do, they should at least keep an ear out for any evil commands their Sonos might be whispering to their Echo after dark. But it does mean owners of internet-connected speakers should think twice about opening holes in their network designed to let external visitors into other servers. ![]() None of this adds up to much of a critical security threat for the average audiophile. ![]() We do not recommend this type of set-up for our customers." Bose has yet responded to WIRED's request for comment on Trend Micro's research. A Sonos spokesperson wrote in response to an inquiry from WIRED that the company is "looking into this more, but what you are referencing is a misconfiguration of a user’s network that impacts a very small number of customers that may have exposed their device to a public network. But Bose has yet to respond to Trend Micro's warnings about its security vulnerabilities, and both companies' speakers remain vulnerable to the audio API attack when their speakers are left accessible on the internet. In testing devices running an older version of Sonos software, they even found that they could identify more detailed information, like the IP addresses and device IDs of gadgets that had connected to the speaker.Īfter Trend Micro warned Sonos about its findings, the company pushed out an update to reduce that information leakage. "It's starting to freak me out and I don't know how to stop it." She eventually resorted to unplugging the speaker.īeyond merely playing sounds through a victim's device, a hacker could also determine information like what file a vulnerable speaker is currently playing, the name of someone's accounts on services like Spotify and Pandora, and the name of their Wi-Fi network. With SONOFY youll be able to: - Intercom/PA to your Sonos speakers from anywhere in the world - Have your phones notifications broadcasted over your Sonos. The company's researchers point to one posting from a customer on a Sonos forum who reported earlier this year that her speaker had begun randomly playing sounds like door creaks, baby cries, and glass breaking. And the audio-hacker haunting Trend Micro warns about may have already actually happened in the wild. Given the complexity of those voice assistant attacks, however, pranks are far more likely. 'Anyone can go in and start controlling your speaker sounds.' "Anyone can go in and start controlling your speaker sounds," if you have a compromised devices, or even just a carelessly configured network. "The unfortunate reality is that these devices assume the network they're sitting on is trusted, and we all should know better than that at this point," says Mark Nunnikhoven, a Trend Micro research director. But the researchers warn that anyone with a compromised device on their home network, or who has opened up their network to provide direct access to a server they're running to the external internet-say, to host a game server or share files-has potentially left their fancy speakers vulnerable to an epic aural prank. Only a small fraction of the total number of Bose and Sonos speakers were found to be accessible in their scans. Researchers at Trend Micro have found that some models of Sonos and Bose speakers-including the Sonos Play:1, the newer Sonos One, and Bose SoundTouch systems-can be pinpointed online with simple internet scans, accessed remotely, and then commandeered with straightforward tricks to play any audio file that a hacker chooses. Instead, if you own one of a few models of internet-connected speaker and you've been careless with your network settings, you might be one of thousands of people whose Sonos or Bose devices have been left wide open to audio hijacking by hackers around the world. If so, you haven't necessarily lost your mind. I have tried reconfiguring the remote, deleting/adding the remote but nothing has worked.Perhaps you've been hearing strange sounds in your home-ghostly creaks and moans, random Rick Astley tunes, Alexa commands issued in someone else's voice. I can control the sound on the sound bar fine via the app on my phone/PC. When I hit Vol+/-, the /- indicator on TV shows up, but the sound on the sound bar does not change. I've replaced the batteries in the remote, and have also tried multiple remotes (the Samsung TV remote as well as my Harmony, both of which used to control the sound just fine). The sound bar is hooked up to the TV via optical cable, and I've confirmed the TV is set to use the Optical sound output. ![]() I had not made any configuration changes prior to this breaking, though I think I remember the TV updating its firmward a week or two ago. Since then, to change the volume, I either need to push the buttons on the sound bar directly, or I need to use the Sonos app on my phone/pc. This had been working flawlessly for about 2 years - and then it just stopped working 2 days ago. ![]() A couple of days ago, I lost the capability to control sound on my Sonos sound bar from my TV remote. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |