Did you find this article helpful?
Potential Security Flaw In Spotify Connect
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
My Question or Issue
I found some interesting and hopefully unintended behaviour with unknown users outside my network able to play music on my home speakers.
I was at work, connected to my work wifi network, when my wife contacted me from home, asking me to stop playing loud drum and base on the speaker in our bedroom, as it was waking our baby up.
I was very confused as I was not even listening to music at the time - let alone playing it from speakers at my home.
I was eventually contacted by someone in my office, apologising for accidently playing music on the wrong speaker - as they had been trying to connect to a speaker in the office.
This person has never been connected to my home network (my house is 2 hours from the office), yet they and a number of other colleagues that I had never met had all been able to connect to my home speaker, select music, and turn the volume up (they put it to max before realizing they had the wrong speaker).
All users were connected to the same work network that I was connected to.
I suspect this was able to happen because at the time, I had Tailscale running, using a NAS on my home network as an exit node.
Surely it is not the intended behaviour for devices to be accessible to unknown users when not all connected to that users home network directly?
- Labels:
-
Security
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page